Why small and mid-sized businesses need to pay more attention to protecting their data
With the expansion of 5G around the corner, which will provide faster download and upload speeds, wider and more reliable coverage, and more stable, simultaneous connections, managing and accessing information will become even easier. This is good news for Canadian small and mid-sized businesses that are planning their own digital transformation. As businesses look for ways to manage their financial information, customer data, intellectual property and other key assets with digital systems, whether on internal servers or in the cloud, they’re also thinking about how to protect these key assets as the business world moves towards 5G connectivity.
In order to protect this valuable information, businesses of all sizes need to consider their security strategy, especially as they grow. Many small and mid-sized businesses often assume that their companies are too small to be targeted by hackers, but the truth is that cyber attackers don’t discriminate: they consider any target to be a good target. In fact, according to research from IDC Canada, medium-sized businesses employ 23 per cent of Canadians, but are responsible for 42 per cent of personal private data being compromised.
This should be a huge concern for companies, as customers expect reliability and security when it comes to their information. The Fall 2018 Cybersecurity Survey Report by CIRA (Canadian Internet Registration Authority) states that 85 per cent of customers felt businesses should do more to protect their data and that 75 per cent said they wouldn’t buy from a company they felt couldn’t protect their data.
In today’s competitive landscape, trust is a critical commodity. So, what can you do to protect your data? Here are four steps to take to secure your business online.
Assess your assets
Securing your information must start with understanding where your data resides and what it contains. IDC Canada’s Cyber Security Guide for Canadian Businesses, recommends that businesses try to think like a hacker when trying to protect data, and consider what might turn out to be weak spots. The report recommends that data must be secured and monitored wherever it’s stored, that data must always be secured while in transit, and that only data that is needed should be kept and stored. Assess what information you’re keeping and determine whether what you’re holding onto is necessary or if it’s putting your company at risk.
Prepare and plan
After you have a good understanding of what you need to protect, prioritizing what needs the most attention, and considering your budget helps to ensure that your spend and efforts will be focused on the right areas. Once you have your strategy in place, you can start looking at the right solutions and services to protect your company’s assets.
Train and keep training
Cyber threats are becoming increasingly sophisticated. Even diligent, careful employees can become victims of phishing or unknowingly opening an attachment with a virus. Yet, according to the Canadian Survey of Cyber Security and Cybercrime, released by Statistics Canada in 2018, only 32 per cent of medium-sized and 16 per cent of small businesses provided training to their employees to develop their cyber security-related skills. Security training should be mandatory from day one, and should not be a one-time event. In order for training to be effective, it needs to be consistent and frequent, with a goal of keeping security top of mind for employees. Security isn’t an issue that belongs to the IT department — every employee needs to understand the risks at hand and stay vigilant in their daily online activities in order to protect the company.
Engage with experts
There are myriad tools and services on the market to help your organization ensure it’s secure. Many choose to engage with a managed security service provider, which can provide 24x7x365 coverage — a good option for small and medium-sized companies that may have limited or no onsite security staff. These providers can assess threats, identify vulnerabilities, and ensure compliance so that your business is safe and secure.
Your data is the lifeblood of your company. There’s never been a better time to start thinking about how to protect it.