IT and Business Insights for SMB Solution Providers

Manuel W. Lloyd: Just Because You’re Not a Big Target, Doesn’t Mean You’re Safe

Sort of Ironic that the word "Target" is in my title. That was not to spite the retailer whom I love to shop. However, a great lesson; I trust, was learned about security. Now, here is another lesson for SMBs that think they are too small for hackers to worry about.

Think Again... 71% of Malicious Data Breaches Target Business With Less Than 100 Employees

However, most SMBs don't have the same financial footing or ability to rebound from a cyberspace attack like Target is doing. Many times damage is irreparable with some companies out of business within six months of a significant attack.

Most businesses are now technology dependent. This means security concerns aren’t just worrisome to large corporate enterprises anymore, but also the neighborhood sandwich shop, the main street tax advisor, and the local non-profit. Regardless of size or type, practically any organization has valuable digital assets and data that should not be breached under any circumstances.

This makes it the responsibility of every business, especially those collecting and storing customer/client information, to implement a multi-pronged approach to safeguard such information. Yes, we’re looking at you, Mr. Pizza Shop Owner who has our names, addresses, phone numbers, and credit card information stored to make future ordering easier and hassle free.

Today’s SMB Needs a Robust Security Plan

Protecting your business and its reputation comes down to developing, implementing, and monitoring a robust security plan that adequately addresses everything from physical access and theft to the threat of compromised technology security. This involves defining and outlining acceptable uses of your network and business resources to deter inappropriate use. Here are four key components to consider.

  1. Network Security Policy: Limitations must be defined when it comes to acceptable use of the network. Passwords should be strong, frequently updated, and never (EVER) shared. Policies regarding the installation and use of external software must be communicated.

    Lastly, if personal devices such as laptops, tablets, or smartphones are accessing the network, they should be configured to do it safely, which can be done easily with a reliable Mobile Device Management (MDM) solution.

  2. Communications Policy: Use of company email and Internet resources must be outlined for legal and security reasons. Restricting data transfers and setting requirements for the sharing or transfer of digital files within and outside of the network is recommended. Specific guidelines regarding personal Internet use, social media, and instant messaging should also be clearly outlined. If the company reserves the right to monitor all communication sent through the network, or any information stored on company-owed systems, it must be stated here.
  3. Privacy Policy: Restrictions should be set on the distribution of proprietary company information or the copying of data.
  4. Inappropriate Use: Obviously, any use of the network or company-owned system or device to distribute viruses, hack systems, or engage in criminal activity must be prohibited with the consequences clearly noted. Any website that employees cannot visit should be identified if not altogether blocked and restricted. For instance, downloading an entire season of True Blood from a Bit Torrent site isn’t an acceptable use of company Internet resources.

    Every employee must know these policies and understand the business and legal implications behind them. Companies must also make sure these policies are clear and understood by all, and most importantly, strictly enforced.

Download my free E-Guide "Combating Cybercrime on a SMBs Budget"

  • Learn why today's small businesses are oft a stepping-stone for thieves to access bigger and better data
  • Learn how to understand the vulnerabilities causing cybercriminals to zero in on smaller firms
  • Find out how inadequate security could cost small businesses clients or potentially lucrative business partnerships
  • Learn ways SMBs can keep cybercriminals at bay and protect sensitive data without a huge budget or overhead costs

Wishing You Much Success,

Manuel W. Lloyd
Founder & CEO, Manuel W. Lloyd Consulting®

Helping government, education, consumer, and business executives successfully achieve legislative compliance within their IT systems through thought leadership, business insight, and leading edge thinking since 1992.

About the Author

Manuel W. Lloyd's picture

Manuel W. Lloyd a USMC Veteran (4 years) with 20+ years of IT Industry & Business Experience. Since 1992, Manuel W. Lloyd has provide thought leadership, business insights and leading edge thinking to companies such as Emergency Management Division Camp LeJeune, IBM Global Services, Lucent Technologies, Coke, HP, Honeywell, GE Equity, AutoZone Corporate, and others across the globe.

Manuel W. Lloyd is the inventor of GECaBi®, a fast, lean, agile, secure, and hybrid neo-design platform of computer hardware, integrated circuits, communications hardware & software, software protocols, and computer networks for Government, Education, Consumer, and Business integration. GECaBi® identifies and solves the most critical IT Infrastructure, Connectivity, Mobility, Performance, Reliability, Business Continuity, and Security problems by using patent-pending technology involving the integration of government, education, consumer, and business networks.

ChannelPro SMB Magazine

Get an edge on the competition

With each issue packed full of powerful news, reviews, analysis, and advice targeting IT channel professionals, ChannelPro-SMB will help you cultivate your SMB customers and run your business more profitably.