A new year is upon us and many local consumers are supporting a new movement of shopping and supporting local businesses. It’s true; our local businesses and business owners provide vitality to our region. Small businesses make up the majority of businesses nationwide. This rings especially true here at home with privately owned small businesses also being the largest employer in Southern Illinois. So much depends on our local small businesses. It should come as no surprise, then, when we find the majority of network security attacks occur against small businesses. Malicious hackers neither are just evil geniuses targeting only the Fortune 500s nor are they only foreign government agents attempting to spy on US interests. While this can be said, perhaps, of a very low percentage of malicious actors (and definitely the most televised and reported), most malicious hackers are private citizens with day jobs, university students, kids with a malicious application on their smartphone, and the girl or guy next door who you wave at taking out the trash. More often than not, malicious hackers are, otherwise, normal people. As average people, these hackers often do not have a heinous motive. In fact, very often when hackers are caught and convicted, they often state that they did something simply “because they could” when asked. It is in this motive that proves most worrisome to small businesses.
Small business owners, as well as all business owners, would do well to think about the three primary areas of information security: confidentiality, integrity, and availability. In brief, these areas of concern are of the utmost importance to business continuity and are, lucky enough, fairly straight forward. Most can agree that anything that is intended to be private needs to stay private. Confidentiality is normally what is thought of most in the area of security. Competitive quotes, inter-office emails, and proprietary business tactics all come to mind as things we wouldn’t just want anyone to be able to see, find, or, worse, distribute. Integrity, while often not thought of, shows its importance when thinking about emails between parties. We want to be sure who is on the other end. This rings true when connecting to servers, connecting to the office from home, and even when connecting to wireless networks. Perhaps most important, and the most under-rated, is availability. We cannot work on data that, simply, is not there. When we think about our backups and disaster recovery, we are thinking about availability. While some of the savviest small businesses are ensuring security through confidentiality and integrity, they often miss an easy win with availability in that no backups are being taken and, if backups exist, they exist on an external hard drive sitting right next to the server it is backing up.
It’s easy to make mistakes when securing your business’ data, users, and network, but it’s also easy to make sure things are done right from the beginning. Taking an early careless approach to information security is a potentially catastrophic mistake as things become more difficult to remedy as business grows and scalable solutions are required. It’s reported that 60% of small companies that suffer a cyber breach of some kind are typically out of business in half a year or less. Unfortunately, however, most small (and even medium-sized) business cannot afford a full-time IT / or Cybersecurity Engineer. It’s cost prohibitive to think of all the measures necessary to secure every piece of technology a business might need day-to-day. So, what is there for a small business to do?
It’s important to have a partner. Northbridge Professional Technologies is Southern Illinois’ premier IT security firm. Our team of engineers has decades invested in working with and protecting businesses throughout the region and can work rigorously in taking care of your IT assets for a fraction of the cost of a full-time, or even part-time, member of your staff. Northbridge Professional Technologies exist to make its clients and partners more successful and, as such, provides free network assessments to all new customers. If you would like more information in keeping your business network on the right track, consider a partnership with Northbridge Professional Technologies.
Derek Hyland is a Security Specialist and the Senior Network Engineer at Northbridge Professional Technologies in Murphysboro, IL. Derek current holds the following certifications: CompTIA CSA+, CompTIA Security+, Cisco CCNA Security, Cisco CCNET, Datto DCAT, 3CX CE, and has received CNSS 4011 recognition from the Committee on National Security Systems.