Featured Guest Post by Jeremy Kushner — Principal and Chief Consultant at Bay Area Computer Solutions.
In our recent article covering the frequency and breadth of cyber-attacks (Why Are There So Many Cyber Attacks?) we covered cyber risk, hacking, and Internet security from the point of view of the international organization. While it’s true that most online cyber security scandals you hear about happen to large scale companies, don’t make the mistake of thinking they only happen to NGO’s and international companies.
In this blog post we are going to cover the reasons why your SMB (Small-Medium Business) is just as — if not more — vulnerable to cyber security attacks.
The size of the prize is the reason why larger scale companies are hacked. The size of your SMB network is the reason why companies with 150 employees might be hacked. For a second, let’s imagine a hacker has chosen your company to break into because you handle the private financial data of 500 people. With your whole company only numbering 115 employees, your internal network, more specially the amount of servers you utilize to keep your business running, is small.
With only a limited number of cloud or dedicated servers operating to keep your business running, the amount of stress (traffic load) any one server can handle is limited. Knowing this, someone could easily locate the IP of an exposed network server and launch directed DDoS attacks at that server with the hopes of effectively shutting down the network.
Another reason your size matters in terms of hacking is the hiding of critical consumer/internal employee databases. If your network operates on limited hardware, you won’t have the ability to mask your critical information database servers (financial information, social security information, transaction information) behind layers and layers of masked server security. Once a critical server is accessed via a man-in-the-middle attack, hackers can easily exploit your network.
Just as much as being a large company makes you more at risk due to publicity and size, being a small company puts you at cyber risk due to the limited amount of hardware your network needs to operate.
Securing All Data Connection Points
As the CFO of your company, you know how much you pay your IT engineers and network analysts to keep your cyber network secure. Do you know how secure it really is? When it comes to fending off a cyber-attack, the first proactive step you must take is understanding how to protect against all forms of Internet traffic. Not only does this mean deploying a solid network security monitor, it also means making sure every port, every modem, every router, every server and every node, etc. in your network is protected behind a rock-solid firewall. If a single port is unprotected, if a single data connection point is unprotected from incoming traffic, your network runs the risk of being infiltrated.
The same can be said for outgoing network traffic. While you have to fend against malicious inbound traffic, a fair portion of viruses reside on software you use internally. If a hacker manages to implant a virus in a piece of software you use to send critical information on, that outgoing traffic can be copied and rerouted to a shady server you aren’t aware of. For this reason, it is just as important to monitor outgoing traffic and its source as it is to monitor incoming traffic and its source.
Staying Up to Date With the Times
Another major reason why malevolent parties choose to focus their energy on SMBs is due to the high probability that some or all of the security software may be out of date. The truth of the matter is most small businesses don’t have the means, time, or the staff to keep updating software, hardware and technical progress — let alone to deal with the security patches, fixes, and updates which aim to protect that progress. As the world has shifted from a cash-based economy to a digital currency economy driven by apps like PayPal, Venmo and Square, the small business has been forced to keep up with the times even when they don’t have the security or staff in place to uphold changing tech standards.
Hackers know where they’re most likely to find weak links in the chain. Hacking parties understand a larger company with a larger network, while possibly more porous, remains more protected due to the size, skill and resources of their (IT Support team). If a hacker knows this, it won’t take him long to reverse engineer the equation to start preying on the SMB with lesser resources.
A simple way to prevent cyber risk for the SMB: make sure all of your software, hardware, and network security patches are current. Always download and keep the most
current version of your installed security systems.
As a small business owner, you’re worried about network security but busy enough that you can’t spend all your time tracking your security procedures. That’s where we came in. Bay Area Computer Solutions can perform an IT Security Audit, finding your weak spots before the bad guys do. Click the banner below to contact us for your consultation today! You can also reach us online or by phone at (650) 887-4601 for more information.