SMBs coming round to IT security: Symantec
By Edwin Yapp November 14, 2012
- SMBs realizes that IT security is a must for the sake of their continuity in business
- Education and the implementation of a complete solution are key factors to addressing such challenges
SMALL- and medium-sized businesses (SMBs) are more aware of the importance of IT security in their operations as several trends drive them to adopt a more holistic view of security, according to Symantec Corp.
Koh Ee Laine, senior technical consultant, Symantec Malaysia, noted that the awareness of IT security in SMBs has increased in tandem with an increasing number of cyber attacks being inflicted on businesses both big and small.
“The June 2012 Symantec Intelligence Report noted that targeted cyber attacks against SMBs have doubled, climbing to 36% of all targeted cyber-attacks globally,” she told Digital News Asia (DNA) in an email. “One [such] data breach could mean financial ruin for SMBs, as it could wipe out all their hard work, threatening not only business data, but also important customer relationships.”
Koh (pic) said there are several trends that are driving SMBs to adopt security more seriously, including mobility, cloud services, and the bring your own device (BYOD) phenomenon.
She added that as more SMBs increasingly use cloud services and as the BYOD trend becomes more prevalent, they realize that security breaches will impact a significant part of their business if data protection is not given more serious consideration.
“Mobility is allowing employees today to interact in a different way,” she said. “The explosion of new devices that provide access and interaction everywhere means employees are working and collaborating in ways once not imagined. This opens an organization’s proprietary information up for exposure in a variety of places.”
Koh also pointed out that SMBs are also becoming a key part of the supply chain, especially as a IT supplier to large companies. SMBs, she added, realize the ability to stay in business is critical, especially with increasing competition.
“Downtime will be costly for SMBs, whether it is due to a malware attack, loss of confidential information or data breach,” she said, adding that cyber-criminals are also using SMBs as a stepping stone to breach larger companies’ IT security.
Limited time and resources
Notwithstanding these developments, Koh acknowledged that SMBs usually have limited time, money and expertise to secure and manage their information from external and internal threats.
Often, more pressing business needs will take precedence over security, backup and recovery for computer and network systems, leaving businesses vulnerable to data and system losses and causing serious damage and business interruption, she explained.
Asked what her recommendations are for SMBs to adopt security given these limitations, Koh said SMBs must find a way to automate key processes such as backup and recovery, implement endpoint protection and data loss prevention methodologies.
This way, SMBs can improve cost efficiencies and streamline manageability, which will allow them more resources and time to focus on their core business, she said.
Another step SMBs can take is to focus on education, Koh urged.
“Continuous education and awareness are important [steps] to ensure that SMBs are aware of the latest threats and tricks of cyber criminals. SMBs today are handling valuable information and having the right information at the right time can mean the difference between success and going out of business. Taking the necessary precautions to protect their confidential information and their customers’ sensitive information is essential.”
Koh said Symantec recommends the following best practices for SMBs to take note:
- Educate employees: Develop Internet security guidelines and educate employees about Internet safety, security and the latest threats. Part of the training should focus on the importance of regularly changing passwords and protecting mobile devices.
- Safeguard important business information: Safeguarding information is critical to businesses of all sizes, especially SMBs as one data breach could mean financial ruin for an SMB. Implement a complete solution to ensure proprietary information—whether it’s credit card information, customer data or employee records—is safe.
- Implement an effective backup and recovery plan: Protection information is more than implementing an antivirus solution. Backup and recovery is a critical component of complete information protection to keep SMBs’ desktops, servers and applications running smoothly in case of disruption—whether it’s a flood, an earthquake, a virus or a system failure.
- Secure email and web assets: Selecting a mail and web security solution that can help mitigate spam and email threats so small businesses can protect sensitive information and spend more time on day-to-day activities is key. Spammers and phishers will use current events and social engineering tactics to get users to give up personal information such as credit card and bank information.
Endpoint protection launched
Symantec has released its latest IT security software suite for SMBs known as the Endpoint Protection Small Business Edition 2013, which the company said was designed to give SMBs in Malaysia choice by offering a cloud-managed service and traditional on-premise management in a single endpoint protection product.
Philip Routley, Symantec’s head of SMB product marketing for Asia Pacific and Japan, said, “Symantec Endpoint Protection Small Business enables SMBs to quickly and easily protect information by eliminating complexity in their environment, giving them the freedom to very simply move to the cloud when they’re ready, at no additional cost.”