Essential SME business cybersecurity – the main points

To most small and medium business and not for profit organisations, cybersecurity is one of the last points of interest at the management level. This assumption is not only bad for business but it can seriously damage you reputation as well as severely compromise your cash flow.

Like anything else in business – everything is connected.   Want to take payments online then you have to implement tighter security processes to make it happen.   Some SME’s understand this correlation, many don’t!

As an SME these points are where you need to start on your cybersecurity journey.

 Everyone has something to loose

No matter who you are, what your business is and who your customers are, you are selling something to someone.   With that point comes a number of other points.   You have to protect your business.   You have to protect you business information.  You have to protect your customers and their information.   Finally you have to make sure that your staff are protected as well.

What you use to do that is a matter of personal choice, as well as how you have been sold by the best salesperson available.  Just remember one solution is not the be all and end all of cybersecurity.   Cybersecurity is a process, almost a holistic process.   All of the parts have to work together to make a secure business environment.

Before the Internet, there was such a comment as ” too small to be a target”.   This no longer applies to the Internet world.   Just by being connected to the Internet you are a target.   It is like taking you business and moving it into the worst neighbourhood in the city, putting a lock on the door and hoping that someone doesn’t steal your “stuff”.

On the Internet there are no police on the corner, there are no niceties of business.   You are a target and the only thing that you can do is arm yourself with the biggest “gun” you can find.   It would be nice if we could turn it around on the cyber criminals and go on the offensive, but we cannot.  So we have to put in place protections that will keep the cyber criminals on the outside as well as protecting those people coming to you to purchase your goods.

 Proactive and paranoia play a large part in you protection

If you are not already PARANOID, Then I suggest this is the time to do it. In the world of cybersecurity paranoid is good, because everyone is after you.  Truly after you.   They want to steal your money, your intellectual property, your business and in some cases you complete identity.

So in cricket terms, you have to get on the front foot.   You have to position your business in such a way that it is only the very clever cyber criminal who have a chance of breaching your protections.   There is no such thing as inpeneteratable, your cybersecurity objective is to make it so hard and difficult that the cyber criminal will go else where, preferably your opposition.

There are lots of things that you can use to do this but these three things are a start.    Use passwords, difficult and complicated on everything. (check this out)  Train and teach your people the art of being suspicious and questioning things that look out of place and use some level of data encryption when the information is out of your control.   Finally put a security framework around your business.

Growth and opportunities have to be tempered with protective solutions

Since SME’s have little understanding of cyber resilience and cybersecurity making the business grow without implementing some level of protection is fraught with danger.  Most SME’s understand that opportunities have to be grasped with both hands.   A cyber resilient business is not only protected now but it has the ability to react to changes in the industry that will deliver better business opportunities.

Most business that are more that ten years old have a different perspective and focus that what they had when they started.   They have seen opportunities is other markets, different markets and some in the same.   Most businesses are in areas where they did not think they would be when the wrote their business plan.

These opportunities have developed through social media, the Internet or cloud computing.   Getting your marketing and brand out there are critical to a business and it has never been easier to compete on the world stage than now.   just remember the moment you attach yourself to the Internet, you are target.

So apart from the bad and to quote a song “the future’s so bright we will have to wear shades”.    Just make sure that your cybersecurity complements you business requirements.

Posted in IT Security, Security Advice and tagged , , , , , .