Small and medium-sized enterprises (SMEs) experience slightly more data breaches involving personal information, and the comparative size of data breaches is usually larger compared with data breaches of larger enterprises.
To effectively defend themselves, SMEs must recognise that data is valuable to hackers because it is valuable to the business and, therefore, must protect it accordingly, says information technology distributor Rectron cloud and software solutions director Elaine Wang.
More than one-third of SME organisations take between one week and six months to discover an attack and businesses must take a holistic approach to cybersecurity, including deploying preventive and disaster-recovery measures, she advises.
“User training and monitoring are important because users are typically the weakest point of a network. Employees are usually unable to detect a fraudulent email, so companies need to educate employees on spotting malware, phishing attacks and social engineering tactics to avoid accidental breaches.”
Additionally, implementing policies that limit users’ ability to install unauthorised software on work devices and requiring users to update passwords regularly can go a long way towards protecting the network of a business.
SMEs should also deploy network security tools and can find multiple monitoring and antimalware tools on the market that can help to protect the network, and also includes mobile device management.
Requesting that users employ a mobile security tool trusted by the organisation could also help to reduce vulnerabilities, she adds.
“A company’s information technology division should routinely perform software upgrades to ensure the latest security patches are rolled out across the entire organisation, as there are still many companies not installing consistent software updates on devices,” highlights Wang.
Further, a disaster recovery system for business-critical applications is crucial to reduce downtime as a result of an attack. It should take into account all possible risks and the exact minimum needs of a business to continue operations.
Simultaneously, a robust backup system helps to prevent data loss – automatic cloud-based backup services are a popular way of backing up important data.
“SMEs are important drivers of productivity in most economies, including in South Africa. Cybersecurity breaches can close a business down permanently, and businesses need to ensure that they have not only adequate security measures in place but also contingency plans if a breach does take place,” she advises.
“While small businesses seem to think there is little need for cybersecurity because they do not present as lucrative targets to hackers as do larger corporations, this is false. It is a matter of when, not if, and SMEs must prepare accordingly to protect their data and businesses,” concludes Wang.