In some ways, technology has been a boon to business. People can work from anywhere. Smart devices have made office connectivity effortless, and everyone’s using IT tools to improve their workflow. However, it also makes it increasingly easy for cyber criminals to breach your company’s systems and databases. Something as simple as a Wi-Fi enabled printer can serve as an access point for malware, ransomware, and hackers.
So how can IT directors and small business owners stay on top of these threats? Here are ten myths and ten sobering facts about business security that can’t be ignored.
Photo Credit: Photo by Liam Tucker on Unsplash
The Top Ten Myths and Troubling Truths About IT Security
1. Myth: Most security threats come from outside.
Fact: Many security threats come from within an organization. 46% of employees admit they transfer files between work and personal computers (source: Lippis Report) and 13% admit to using their personal emails when they can’t connect to an office network (source: Accenture).
2. Myth: Passwords offer the best security.
Fact: While passwords offer some protection, they are still not people-proof. 70% of small and mid-sized businesses reported lost or stolen employee passwords (source: Ponemon Institute).
3. Myth: My antivirus software will protect me from online threats.
Fact: Information hacking is often hidden in something that looks innocent. Many “phishing” programs disguise themselves as emails or unsolicited attachments, and 57% of companies have experienced “phishing attacks” that attempt to steal sensitive and/or personal data.
4. Myth: Cyber threats are over exaggerated.
Fact: On average, a hacker attack occurs every 39 seconds (source: University of Maryland). That means 2,244 attacks every single day!
5. Myth: My business is too small for any real attacks.
Fact: Almost half (43%) of cyberattacks target small businesses (source: Accenture) and Canada has been identified as the second largest market for cyber attacks, costing Canadian small businesses almost $2.3 billion dollars in ransom demands last year.
6. Myth: My office IT has security features already built in.
Fact: Many businesses have security features that go unused. 23% of small and mid-sized businesses don’t use endpoint security protections like encryption tools or firewalls (source: BullGuard), which means their devices are vulnerable to harmful programs.
7. Myth: Hackers can’t really affect my business that much.
Fact: 1 in 5 small businesses have been forced to close due to high ransomware demands (source: Cnet). On average, cyberattacks cost a business $200,000 (source: Hiscox) to resolve and many never recover from the revenue loss or the loss of consumer trust.
8. Myth: If my IT systems are seriously breached, I will detect it right away.
Fact: IT monitoring can protect you, but if your credentials have been compromised, it means a hacker could be in possession of your username and/or password, which effectively bypasses perimeter security. And over 50% of small businesses reported compromised credentials in 2019 (source: Verizon), with the average time of detection sitting at 206 days (source: Veronis).
9. Myth: Viruses are the main threat to business security.
Fact: Ransomware is becoming an increasing problem, with ransom demands skyrocketing into millions of dollars. In fact, 85% of managed service providers identify ransomware as the main malware threat to small and mid-sized businesses (source: Datto).
10. Myth: Security breaches only affect my business operations.
Fact: In the first half of 2019, 4.1 billion records were exposed by data breaches (source: RiskBased) and some of these data breaches have done irreparable damage to a brand. According to a 2017 study from Ponemon Institute, 65% of customers affected by a breach lost trust in that organization, with one in four taking their business elsewhere.
Best Practices for Business Security
The task of keeping your IT safe may seem daunting, but don’t panic, here are some best practices that can ensure your tech infrastructure and print systems remain secure.
- Make sure ALL employees use strong passwords or better yet use unique password sentences
- Use a different password for each subscription to an online service
- Train your employees on how to detect ransomware [link to Com Pro’s “how to not be a victim of ransomware” blog]
- Do not allow access to the company network without using a Virtual Private Network (VPN)
- Do not allow employees to use laptops for work without encrypting their hard drives
- Keep all your devices updated with an automatic patch schedule
Knowing is Everything
With these measures in place, you won’t have to be worry about your wi-fi enabled printer becoming a gateway for hackers or your IT systems becoming a playground for ransomware. Knowledge is power and after reading this you’re that much wiser about the top threats to your business security.
Want to stay ahead of hackers? Consider our Managed IT and Security services, so you can take care of business, while we take care of your IT.