Alltech IT Solutions Blog

You Don’t Hear About the Small Businesses That Get Breached

You Don’t Hear About the Small Businesses That Get Breached

It feels like every week we learn about another big business or bank or municipality getting hacked, and the data of their customers getting stolen.

Big organizations are losing millions of dollars, forcing their hand to run damage control to millions of customers and deal with crushingly bad press. Beyond feeling a little numb to these cyberattacks (more on this in a moment), many small business owners might be feeling pretty lucky they don’t need to deal with these types of threats. Unfortunately, they are dead wrong.

The Big Breaches Hit the News, But They Aren’t the Only Breaches

It makes sense that we hear about the big cybersecurity attacks, like the ones that hit major entities like Capital One, Equifax, Yahoo, or Riviera Beach, Florida. When a breach affects thousands, or hundreds of thousands, or millions of individuals it’s going to hit the news.

Two out of every five Americans had their data stolen from the Equifax breach, and in July 2019 alone… just one single month, it’s estimated that 2.2 billion records were leaked across multiple cyberattacks. That’s like saying one out of every four human beings has had their data stolen...in July. Granted, there is overlap. A single person could have had their information leaked multiple times, but still, this is insane.

This number comes from the top 27 cyberattacks worldwide this summer. 

While small businesses don’t have 100 million customer records for cybercriminals to pilfer, small businesses also don’t typically have the level of security a big enterprise would. Think about Capital One - how many of their over 49,000 employees are wholly dedicated to cybersecurity and preventing data theft? It’s not a stretch to say that they have more internal resources strictly dedicated to IT security than small Florida businesses.

Small Businesses are Low Hanging Fruit

It’s easier to get your way into a small business network, and although the payoff is smaller, it isn’t insignificant. Nearly 40 percent of small businesses end up paying the ransom for ransomware. A single record (a record is a collection of an individual’s personal information) can sell on the dark web for anywhere between $1 to $1000 depending on how much information is captured. How much customer (or employee) information do you have stored? It doesn’t take much to make it worth it to a cybercriminal.

Worst of All, Many Attacks are Still Random

The most popular online threats are still the ones that don’t target specific individuals or businesses. Phishing attacks, malware, trojans, and all of the threats we deal with at both home and at work essentially just spread on their own. They infect one computer which then infects others, or spreads out via email, etc. 

We don’t tend to hear about these threats as much anymore because of how massive the big cybersecurity breaches are, but these autonomous threats are just as dangerous and have the same consequences.

But My Organization Doesn’t Have the IT Security Budget of a Major Enterprise

Earlier I mentioned Capital One having over 49,000 employees, and assumed that they had many employees with roles were dedicated to cybersecurity. I’m only postulating this but it’s a pretty fair assumption to make. 

That said, a small business does have one advantage that massive organizations don’t; being smaller leads to fewer points of entry. A 49,000-employee business has a thousand times more points of entry than a 50-employee business. Security has to deal with every single employee, every single computer, every single way a user or employee can access company data, how the website accesses data, how their mobile app accesses data, how third-parties access data, etc.

For many smaller businesses, it can certainly be complicated, but not nearly as complicated. Does a 20-person office need an on-staff, in-house IT security expert? Probably not.

What Does a Small Business Need to Stay Secure?

  • The basics - centralized antivirus, antimalware, a firewall, content filtering, intrusion detection, and spam protection, kept updated and patched.
  • Network/device monitoring - catch issues early so they don’t escalate under your nose.
  • Employee training - educate employees and simulate threats to test the diligence of staff.
  • Regular compliance audits - this changes a little based on your industry and what kind of data you collect, but running audits regularly will help ensure you are safe.
  • Bring Your Own Device and Strong Password Policies - enforce best practices for accessing company data.
  • Data backup/disaster recovery - Always be able to restore from a secure backup.

Depending on your needs there might be a few other pieces to this puzzle, and it might seem like a lot, but your small business is just as much at risk, if not more so, than a large business.

We can help you with your IT security. Give us a call at 954-628-3770 and ask about getting an IT security audit.

Do You Need Cybersecurity Insurance?
Tip of the Week: How to Identify (and Foil) a Phis...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, January 21 2020

Captcha Image

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Communication Hard Drive DDoS Printers Collaboration Movies Hardware IT Management Specifications Laptop News Vulnerabilities Cryptocurrency Entertainment Privacy Ransomware Hiring/Firing Apple Health Mobile Device Management Autocorrect Help Desk Recovery Malware Touchscreen Wearables Employees Saving Money Tablet Analytics Customer Relationship Management Internet Explorer Tech Term Google Drive Settings Sales Websites WiFi Two-factor Authentication Reporting Staffing Multi-Factor Authentication Employee-Employer Relationship Internet of Things VoIP Current Events Vendor Avoiding Downtime Cost Management Cloud Managed Service HIPAA SSD Payment Cards Printing Government Recycling Document Management HP Holidays Law Enforcement Risk Management Plug-In Quick Tips Operating System Licensing Paper disposal Medical IT Scams Memes Business Intelligence Physical Security Tech Terms Phone System Managed IT Services Security Cameras Virtual Assistant Voice over IP Edge Education Machine Learning Computers Patch Management Data Breach Twitter Human Resources Business Management Live Streaming Fleet Management Content Filtering VoIp User Security Distribution Voice over Internet Protocol RAM Productivity Payment Co-Managed IT Financial User Tips Biometrics Outlook Customer Service Telephony WhatsApp Paperless Office Database CrashOverride Email App Automation Backup Data Management Paste Gmail Cybercrime Access Control A.I. Managed IT Services Hosted Solution HaaS Smart Technology Network Attached Storage Electronic Health Records Spyware Remote Computing Going Green Personal Information Microsoft IaaS Data Inventory Humor Managed Service Provider Data loss Business Technology Money eCommerce Copy Millennials Automobile Microsoft Office 365 Hard Disk Drive Remote Support Gaming Console Vulnerability Batteries Unified Communications Spotify Alert instant Messaging Printer Gadget Synergy Emergency Threat Computer Social Network Insurance Information Technology eWaste Access IT budget PowerPoint Hacking Apps Gadgets Email Management Big Data Windows Server 2008 R2 Yahoo Wi-Fi Television Remote Monitoring Cabling Cybersecurity Environment Alerts Mobility Encryption Dongle Best Practices The Internet of Things IT Support Website Wireless Internet How To Video Games Marketing Video Printer Server Office Safety Mobile Security Holiday Virtual Private Network Downloads Windows XP Mobile Office Conferencing Business Miscellaneous e-waste Authentication Cleaning Botnet Networking Tech Support Budget Samsung Telephone Systems Thank You Server Management Efficiency BYOD Spam Windows 10 Hybrid Cloud Productivity Network GDPR Server Workers Virtualization VPN Digital Net Neutrality User Tip Time Management IT Services Backup and Disaster Recovery Technology G Suite OneNote Save Money Tip of the week Project Management Benchmarks Work/Life Balance Unified Threat Management Emoji Threats National Security Shortcut Social Media Phishing Facebook Regulation Telecommuting Bandwidth Microsoft Teams Managed IT Service Webcam BDR Freedom of Information Hackers File Sharing Security Update Credit Cards Tip of the Week Software Innovation Data Recovery Scam Cortana Business Continuity Instagram Telephone System Online Shopping Profitability Training Bitcoin Politics Compliance Connectivity Updates Troubleshooting WannaCry Google Maps Employer Employee Relationship Technology Tips Outsourced IT Telecommute Blockchain Windows Wireless Charging Browser Remote Control Managed IT Users Lead Generation Battery Hacker Excel Eliminating Downtime Mobile Device Data Security Hosted Desktop Artificial Intelligence Business Computing Mobile Devices Android Certification Value Password Authorization Analysis IT Ink Dark Web File Management Passwords Chrome OS Computer Care Chrome Multi-Factor Security Display Vendor Management Scalability Processor Staff Workplace Tips Microsoft Office Maintenance Amazon Sports Spam Blocking Data Backup Internet Solid State Drive Scheduling Comparison SaaS Bring Your Own Device Files Smartphone iPhone Hard Drives Knowledge Office Tips Remote Monitoring and Management Cables Router Hosted Solutions Employer-Employee Relationship Virus Managed Services Provider E-Commerce Proactive IT Dark Data IT Support Information Travel Search Upgrade Healthcare Applications Disaster Recovery Taskbar Windows 7 Worker Wireless Antivirus Processors Tactics Error Windows 10 Communications Small Business Company Culture Network Security Word Cloud Computing Congratulations Streaming Media Office 365 Managing Stress Google Data Protection Smartphones Retail Storage Trends Leadership