IT Security – Protecting Your Important Data
What are the two most important facets of your business today? Your first answer will probably be your employees. Chances are your second answer is your data. Imagine if you lost all of your company data due to a data breach or malware attack. Because the global business world has been digitally transforming itself from a process driven world to a data driven one, companies are more vulnerable than ever. We are creating data at an unprecedented exponential rate. Estimates are that we as humans have now created 2.7 zettabytes of data (that is 21 zeros) and is projected to grow to 180 zettabytes by 2025. The question is how do you as a business protect your data?
Protecting Your Data used to be Simple
The practice of protecting your company’s data was straightforward fifteen years or so ago. All your company data was hosted on premise on servers or stationary desktops. User devices had to have an Ethernet cable in most cases to access the network. IT implemented the castle wall strategy of enterprise protection, a methodology dating back to medieval times in which the King protected his kingdom with a fortified portentous wall to keep his enemies at bay. In the case of cybersecurity, the business simply installed a firewall at the edge of the network that was configured for port protection.
The Complexities of Protecting Your Data
Securing the network and the data it hosts is far more complicated today, thanks to the mobile world in which we live. Users regularly take their portable devices out of the secure confines of the enterprise. Once your devices are beyond the protection of the perimeter firewall, those devices are vulnerable to malware and hackers. Users may, and often do, connect their company devices to home networks and public WIFI’s that offer little or no security, exposing them to many different types of threats. When these devices returnto the on-premise network, they can then serve as launching pads for attacks. Users may also bring in personal devices, which may not have proper endpoint protection, leaving them wide open to attack.
Years ago, hackers spent their time probing network perimeters, looking for exposed avenues through the perimeter firewall to penetrate the network. Today, it is all about exploiting devices through the web and email. Email continues to be a preferred access method by hackers using well thought out and convincing phishing attacks. The web also serves as a primary avenue to launch malware in order to establish root kits that attackers can then use to operate within your network. It used to be that only certain categories of web traffic was indicative of these types of threats, but today hackers continually compromise trusted, well-known websites and can silently infect users via drive-by download attacks.
Small Businesses are Easy Prey for Cyber Criminals
Most people are aware of the high profile attacks such as the data breaches incurred by Yahoo and Equifax. These mammoth attacks both involved millions of personal records and the ramifications of these attacks will be felt for years to come. However, just because you are a small business located in Atlanta, Alpharetta, Cumming, Duluth, Johns Creek, Milton, Norcross, Peachtree Corners, Roswell, Suwanee and Surrounding Metro Areas does not mean you will not be targeted in the same manner as large corporations. Consider these statistics from 2016.
- 43% of cyberattacks target small businesses.
- 60% of small businesses go out of businesses within six months of a cyberattack.
- Only 14% of small businesses rate their ability to mitigate cyberattacks as highly effective.
According to an article in USA Today, 90% of small businesses do not use any data protection at all for company and customer information. This may be a key reason why according to the latest Verizon Data Breach Investigation Report, 61% of cyberattacks targeted small business in 2017, a dramatic increase over the prior year. Cyberattacks cost small business between $84,000 and $184,000.
Why Hackers May Target Your Business
At the very least, your business has personal information concerning your employees and customers. These records are confiscated to sell on the dark web or to hold the business for ransom. There are many costs incurred for these types of data breaches. There is the cost of cleanup, which can run over $100,000. Then there is the cost inflicted from a public relations standpoint, which usually results in the loss of current or future business. According to a study in 2016 by the Ponemon Institute, the average cost per stolen record in the United States healthcare industry is $355 and $158 globally. In other cases, hackers may steal proprietary information to sell to a competitor or again hold for ransom.
A Managed Services Provider Can Protect You
Cybersecurity is a far more involved process than it was fifteen years ago. Enterprises must be protected with a multilayer security strategy today. These can include a mix of perimeter and local firewalls, encryption of data both at rest and in transit, endpoint security, email security filtering, web filtering and multifactor authentication. Keeping all your hardware and software fully patched and up to date is also critical. A security conscious MSP will also conduct periodic vulnerability scans of your network to locate vulnerabilities and possible exploits.
Ensuring the safety of your employees and protecting your data are two critical goals for every business. For those businesses that lack the resources to finance a highly trained dedicated security team, a MSP is a must in the dangerous cyber world we live in today.