How Can We Improve The Computer Security Of Our SME
SME owners should be aware that their company is at risk of cyber threats. Many attackers go after small businesses and eCommerce stores because they know that security is not one of their top priorities. This does not mean that all small businesses are vulnerable, but according to various NCSA reports, more than 80% of small businesses do not have any information security plan and more than two-thirds do not have plans or procedures on how to prevent computer security. attack on your technology infrastructure.
How much should we invest in computer security? Let’s not be alarmed, it is not necessary to dedicate half of our budget, but we do need to start dedicating budget items for our protection and security and that of our clients, who, after all, are the ones who sustain our business. We are going to review why we are at risk from these threats and how much we should invest in these tasks.
We are all at risk dedicating resources to computer security should no longer be optional, since all companies are at risk, especially the smallest ones. And it is that until 2019, attacks are taking place every 39 seconds and 43% of data leaks occurred against small organizations according to a recent study by the University of North Dakota. Attackers go after SMBs because they know they have a better chance of success due to less dedication to security. These studies show that cyber attacks can cost more than a million euros in losses due to data loss and recovery efforts, not to mention the deterioration of our company’s image in the eyes of our customers and the industry.
How much should we invest in computer security some attackers use programs to find the password to our systems and break in using what is known as brute force attacks. Others use DDoS ( Distributed Denial of Service ) attacks, causing our infrastructure and systems to become overloaded and end up crashing. There is also the use of ransomware, which we already discussed in the article we quoted at the beginning of this one, which allows our data to be hijacked and not returned until a ransom has been paid for it.
These are just some of the many methods that bad guys use, so we need a company or professional dedicated to monitoring and preventing these attacks. If we look at the companies that invested in security a couple of years ago, they spent between 4% and 8% of their budgets on computer protection. Of course, these costs vary depending on the size of each company. If we only have a couple of employees, the investment can probably be less.
We must invest in hiring a technology company or professional – or assign a dedication to a member of our technology team with knowledge in the field – to focus exclusively on the computer security of our infrastructure, media, and services. Much of your work, aside from the necessary technical setups and precautions, will focus on training our staff on how to avoid scams, social engineering, and phishing techniques, some of the most vulnerable entry points into any organization. Not surprisingly, this summer the technology giant Twitter suffered one of these attacks with devastating consequences.
Free security good practices It is important to note that although computer security is a necessity today, many precautions can be put into practice without having to invest a lot of money:
- We can start with passwords, making them more complex by using numbers, letters, and special characters and making a point of updating them regularly.
- On the other hand, passwords for essential servers and services should only be known exclusively by those who need them, not by anyone else.
- Perform encrypted backups of all data automatically and regularly.
- Implement multi-factor authentication on our servers and services.
- Today, with remote work so present, we must provide our employees with access to our infrastructures through virtual private networks (VPN), thus including another layer of security in their incoming connections to our systems.
Working with secure suppliers improves our security If we implement management applications in our company, which can work on cloud servers that focus on security, as is the case with ‘s applications and servers, we are also investing in the security of applications and data and in those of our clients, because for us security is one of our priorities and as we mentioned before, our company and prestige depend directly on the security, stability, and efficiency of our client’s applications and data. We must all be aware of the value of technology and computer security because there is too much at stake to stay on the sidelines. Start investing in security right now and don’t regret it in the future.