12 Feb 2016

Why Smaller Businesses Need to Think Big about Mobile Security

Your business is only as safe as its weakest access point. With a growing reliance on IT, the Internet and mobile devices to support dynamic growth; traditional network perimeters are melting away. What can SMEs do to protect themselves from the increasing threat of cyber crime?

Smaller businesses are a big target

The latest buzz in technology is the IoT (Internet of Things) and Gartner predicts that by 2020 there will be 26 billion IoT devices. That’s 30 times more than we use today. What this signifies is a major tilt in the way we work, how we think and our use of smart technology. Already, we all use smart technology on mobile devices to manage our work on the move and even to help with daily processes such as our travel e.g. finding optimum travel routes. We are all streamlining our business processes to work more effectively. Like most businesses, SMEs rely increasingly on a mobile workforce. But the very agility this provides for growth could potentially open them to risk – and it’s risk that can be avoided.

According to the latest Government Security Breaches Survey carried out by PwC, 74% of small organisations reported a security breach in the last year, which is an increase on previous years. SMEs are a great target because they store far more data than the average consumer but generally employ fewer security measures than larger companies.

Even better for criminals, many SMEs simply don’t realise they’re in danger. Government figures show that UK SMEs are risking 32% of their revenue through poor security practices, with 66% of companies ignoring or being unaware of their own vulnerability.

99.9% of private sector businesses in the UK are small or medium sized. It’s no wonder cyber criminals are attacking the poorly protected majority, not the hard-to-crack 0.1%.

The cost of cybercrime

The average security breach costs £4,000. Fixing the worst breaches can reach as high as around £300,000, putting the business out of action for up to ten days. With the total cost of cyber crime running to an estimated £34 billion a year, the economy is affected too.

For SMEs, the bill for fixing a cyber attack might be only the start. Loss of reputation and customer trust could lead to serious long-term problems. Many smaller businesses simply never recover.

Malware, mobility and the moving perimeter of corporate networks

The traditional notion of separate networks with securable perimeters is dying. As businesses become more mobile, devices extend the perimeter and become the attack vector, and it’s these that must be secured.

Cybercriminals are already one step ahead. A recent report from Alcatel-Lucent showed that mobile malware rose 25% during 2014. Additionally, The Motive Security Labs malware report found that attacks on Android devices have increased, with infection rates between Android and Windows devices split 50/50. Apple products remain the safest but any device, regardless of make or model, that captures and relays information from one network to another is an obvious security threat.

The more easily data is passed around, the riskier the device that facilitates the data transfer. This potential hazard leaps up a few notches when your device is able to connect directly into corporate networks. Yes, your VPN might be secure, but what about the devices that can access it? Keyloggers, for instance, record every keystroke you make to a file log (including passwords) including instant messages, email and any other information you type on the with a keyboard or mobile device keypad.

Of course once a device has accessed your network, the fun really begins. Malware comes in many guises, viruses being the most widely known with ransomware fast becoming the most popular. Data loss, fraud and your equipment becoming the next attack vector to target other corporate networks are all very real possibilities. In June 2015, the FBI reported 1000 ransomware infections, resulting in a total loss of at least $18 million.

A mobile workforce adds a valuable dynamic to your business, maximising efficiencies and opportunities. Below are some practical tips to help you reap the benefits of a secure mobile workforce, with minimal risk.

Practical steps to securing access

Conduct a thorough audit including all your mobile devices. How many devices have access to your networks?

Make sure you have a decent firewall in place and upgrades are installed as your provider releases the updates.

If you let visitors/staff connect their own devices to your Wi-Fi, make sure you’re not giving them access to your company network.

Make sure the operating system on any device is kept up to date – these can be important security patches.

Regularly change your passwords or use a password manager. Are your passwords protected? Are those passwords secure enough?

Make sure you have anti-virus software installed and you maintain the updates regularly.

Make sure you are downloading material/software over the Internet from a reputable supplier.

Train your staff and build awareness. This is just as important as installing the correct IT.

There’s no need to feel nervous about using your mobile devices. Security can be easy to solve with the right focus.

Do you need some help with your security? Click here and we will get in touch to discuss this further with you.