The Small Business Owner

THE TREND: Companies, regardless of size, rely on critical business data to succeed and flourish. Based on a Trend Micro-sponsored Ponemon Institute study, more than 78% of organizations have suffered from at least one data breach over the past two years1.

Your company may face considerable financial liabilities if it loses sensitive data. Even worse is the damage to your reputation, especially since most consumers said they would entirely stop dealing with an organization in the event of a security breach2. Even small businesses with antivirus solutions in place are prime cybercrime targets.

MYTH: My business is too small to be a target.

FACT: Size does not matter. Believing you are not susceptible to a breach, combined with the vast amount of data your business holds, potential employee negligence, and a lack of a dedicated IT staff makes your business a prime target for attackers3. In fact, the majority of small businesses agree they can’t do enough to protect their data using the measures and technologies they currently implement.

Cyber criminals do not discriminate. As long as they can gain profit and find anything lucrative to exploit, they will4. Understanding the threats your business faces, their potential impact, and the regulations you need to follow is really the least any business owner should be doing.

MYTH: The antivirus I have is good enough.

FACT: Traditional antivirus software is not a cure-all. An advanced persistent threat can manage to stay undetected in a network or system for a long period while progressing toward its goal—usually to steal data. An advanced persistent threat’s ability to bypass blacklisting allows them to move within the network without detection and steal corporate passwords in order to gain access to other systems.

Since attackers consider small businesses prime targets, relying on traditional security technologies can also put you at risk for a customized malware attack in which hackers identify their victims and purposefully infect the user's computer to steal data. Customized malware attacks account for most data breaches and the chances of a data breach are higher when businesses believe that their traditional antivirus is enough to protect their assets, particularly against customized attacks5.

MYTH: I can trust my employees and don’t have to worry about enforcing data security policies.

FACT: A company’s greatest asset—its employees—can also be its weakest link. The top reasons cited for data loss were employees’ tendency to open attachments to or click links embedded in spam, to leave their systems unattended, to not frequently change their passwords, and to visit restricted sites. This negligence puts critical business data at risk from data-stealing cybercriminals and malicious insiders. Research shows that 56% of employees frequently stored sensitive data on their laptops, smartphones, tablets, and other mobile devices. This means there is more than a 50% chance that confidential information can land in the wrong hands should they lose these devices6.

WHAT YOU CAN DO ABOUT IT:

Set rules for employees. Regardless of what devices your employees are using, empower them with best practices and guidelines to minimize the risk of falling prey to the various aspects of cybercrime. Stress the personal and business consequences of not protecting their mobile devices, systems, storage devices, and the confidential data these contain from loss or theft. Don’t let social networking endanger your network. Make sure employees understand the importance of reporting any incidents that could put their colleagues, customers, or even the entire organization at great risk.

Think of passwords as keys. The stronger the passwords to accounts are, the harder they are to crack.

Patch holes in your organization’s walls. Identify which information is critical, who could and should be able to access it, then investigate the best ways to protect it with the aid of a trusted IT advisor. Like holes or cracks in walls, areas where your company data is most vulnerable can cause your security perimeter to crumble.

Use a reputation-based solution as a countermeasure for non-traditional threats. Trend Micro small business antivirus security solutions are powered by the Trend Micro™ Smart Protection Network™, a global cloud-based threat intelligence network that uses cloud data mining framework and finely tuned custom reputation-based tools to identify new threats. Employ a smarter, more comprehensive all-in-one security solution to protect your online experience—whatever you’re doing and whatever device you’re doing it on.

1 http://a248.e.akamai.net/f/248/25855/14d/ig.rsys1.net/responsysimages/ trm/__RS_CP__/TrendMicro_rpt_the-human-factor-in-data-protection_analyst-ponemon.pdf

2 http://www.prnewswire.com/news-releases/unisys-security-index-shows-americans-will-take-action-against-organizations-that-compromise-their-personal-data-133063783.html

3 http://about-threats.trendmicro.com/smb-primers/is-your-business-at-risk-of-losing-data/

4 http://about-threats.trendmicro.com/smb-primers/small-business-is-big-business/#/7/zoomed

5 http://www.verizonenterprise.com/DBIR/2013/

6 http://it.trendmicro.com/imperia/md/content/uk/12_security_predictions_for_2012.pdf