7 of the Most Significant Threats to IT Security for Small and Medium Businesses
Strong business case using outsourced services
Last year saw no let-up in the anxieties over cyber security. Criminal enterprises seem able to distribute malware via email to steal identities unimpeded by the international cyber law enforcement authorities; hackers continue to crack open customer databases of businesses as diverse as TalkTalk and Ashley Madison. It is a necessity for any business on the internet to be able to effectively defend against today’s agile threat environment.
Here we consider the top 7 security threats for smaller and medium businesses.
1. Continuing evolution of malware
- Malware is likely to continue to develop to hide within normal services and exploit less well known communication protocols. One of the most successful, ransomware is unlikely to diminish as it is performing well for the criminals. Don’t be a victim. If they do get in, make sure you have backups to avoid having to pay because there is no honour among thieves there are no guarantees.
2. Internet of Things (IoT)
- Putting devices in the internet just because you can doesn’t mean you should! The IoT represents rich pickings for cyber criminals. The threat is agile because the criminals are constantly mining for vulnerabilities to exploit.
3. Wearable devices
- Much of the data uploaded by wearables is personal, and with wellbeing the overarching purpose it is often biometric in nature. Make sure privacy settings are correctly configured and read the small print in the service providers Ts&Cs. We’ve yet to see a major data leak here, but when it happens it will probably make big headlines.
4. Mobile payments
- Mobile wallets in smartphones and contactless card payment systems are increasingly popular with many retail businesses using the technology to accelerate cashless transactions and speed up service, particularly important where businesses have lean staff numbers. An attack seems likely, so beware.
5. BYOD (Bring Your Own Device)
- Despite the savings and the productivity benefits, the threat from personally owned devices on business networks is significant. Businesses must have well thought out policies and implemented effective strategies to remain in control.
6. Beware of personal cloud storage services
- Personal cloud storage from Dropbox, Google Drive and iCloud etc. pose a significant risk when used by employees to provide easy access to company data across devices. Have a strong policy and makes sure permissions are on a need-to-access basis. Be aware that public cloud services have been used to distribute ransomware.
7. The Dark Web or Tor
- The underbelly of the internet where nasties such as child pornographers, narcotics marketplaces and other illegal activities reside remain hidden, may start to find mainstream acceptance but don’t think it’s been cleaned up. Make sure defending against threats from Tor is part of your security strategy.
Security advice you can trust from HTL Support
For advice on securing your network against these or any other threat simply get in touch today. Our expertise in IT security, our selection of ISO27001 data centres and our position of trust amongst the professional services sector means clients always get security they can rely on with HTL Support.