Article The Ongoing Challenge of SMB Security
By Insight Editor / 18 Aug 2020 / Topics: Modern workplace Featured Cloud Digital transformation
By Insight Editor / 18 Aug 2020 / Topics: Modern workplace Featured Cloud Digital transformation
SMBs know that digitalisation has the potential to transform the way they work. It is acknowledged that new technologies will overhaul existing processes and enable entirely new ways of working that will drive efficiency, boost productivity, and increase revenues.
This awareness is why 95% of IT professionals at smaller businesses have implemented digital initiatives either in the past year or plan to do so over the next 12 months.
Despite this optimism, the march towards digitalisation is not without its challenges. Nearly half of SMBs (46%) struggle to identify the best tools to integrate with their existing technology, while 45% find it hard to understand which new technologies to invest in, and 43% have budgetary constraints.
However, the biggest hurdle, cited by 52% organisations, is an evergreen concern – security.
The ever-evolving threat landscape is a challenge that must be faced by businesses of all sizes. No organisation is too large or too small to be the victim of a data breach – there is always someone out there that would benefit from the theft of data. According to Verizon, 43% of all data breaches involve SMBs.
The recent growth in the variety and complexity of threats has been matched by an expansion in the collection and analysis of data. Organisations have always had to pay attention to information security, but the greater volume, variety and sensitivity of data in the digital era makes it far more valuable to cyber attackers.
Organisations must have a comprehensive protection plan that guards against a range of threats, including advanced malware, ransomware, and phishing attacks. Plus, security must be integrated into the design of processes, applications and systems – not as an add-on.
A data breach can have a devastating impact on productivity and reputation, while the loss of customer or corporate data has serious reputational and financial consequences – especially in the era of GDPR.
An attack can also affect business continuity. Gartner estimates that the cost of downtime can be as much as $5,600 a minute. While this industry average figure doesn’t take into account the size of a business, or the specifics of the outage, it demonstrates the potential impact of an assault.
Research shows that security incidents affect smaller businesses disproportionately when compared to larger organisations. Most SMBs use basic cybersecurity tools, such as antivirus (97%) and email security (87%) but many have serious gaps in protection.
Four in five (80%) businesses believe they are well-protected against threats but 62% do not regularly conduct IT security assessments and 57% do not update their security software. The result is that even when SMBs feel they are protected, they are often not.
Major barriers for SMBs are a lack of understanding about the security tools at their disposal and a lack of support from vendors. The absence of specialist skills and appropriate guidance makes it difficult to integrate various tools to provide comprehensive coverage.
Compounding all of these issues is a lack of support from vendors and partners.
Nearly half (49%) of SMBs say integrating new technologies with legacy systems is very or extremely challenging when dealing with IT service providers. Visibility and transparency with regards to billing is also viewed as challenge.
Two fifths (40%) struggle to find a provider that can meet their specific needs. Complexity is exacerbated by the fact that 41% use between six and ten vendors for IT support making it difficult to manage projects and achieve desirable outcomes.
It is this context that can help explain why a recent survey found that 68% of SMBs won’t increase their investments in technology this year despite the fact that cost and operational efficiency is the most pressing concern of 58% of SMBs.
When asked about the top three factors that will influence their cybersecurity strategies over the coming year, 44% of SMBs said the protection of data, 40% cited business continuity, and 32% said the protection of physical assets and infrastructure.
One of the biggest ironies in IT is that many SMBs have either avoided or limited cloud adoption because of concerns about security. The truth is that public cloud platforms are actually more secure than on-premise infrastructure, can ease budgetary constraints by facilitating the shift to an OpEx model, and can aid wider digitalisation efforts.
Cloud-based platforms and applications overcome the lack of skills and resources that many SMBs face by taking control of security. Major cloud vendors such as Microsoft invest billions in cybersecurity and customers benefit from automatic patching that minimises the risk of a scheduling error or misconfiguration.
Microsoft Azure also offers greater visibility over data and adheres to industry-specific regulations and legislation like GDPR boosts compliance. The risk of downtime is further reduced by multiple availability zones that minimise a single point of failure.
There are other examples of tools that not only advance digitalisation but also enhance security. Microsoft 365, which combines Office 365, Windows 10 Enterprise and Enterprise Mobility Management (EMM), extends cloud-based protection across devices, applications and data.
Data is protected by Azure Information Protection, which can classify information according to type and sensitivity and inform Data Loss Protection (DLP) which stops the accidental or deliberate dispersal of sensitive information through user prompts and activity monitoring.
Meanwhile, Azure Identity Management helps organisations verify the identity of users and devices no matter which network they are using. Administrators can control which devices can access applications and data, roll out security updates, and enforce policies (such as mandatory PIN codes) using Microsoft’s InTune Mobile Device Management (MDM). All information is encrypted, and devices can be remotely wiped – limiting the impact of a lost or stolen phone or tablet.
Insight has helped organisations secure data and networks for more than 30 years, providing technologies and expertise that guard against threats and mitigate risks. Contact us to see how our Security Services can protect your organisation and diminish risk in the digital era.
Intelligent edge Customer experience Modern workplace Infographic Blog Article View all focus areas