Top two ways SMBs can protect their data

Tesla's scare

In July, an employee of Tesla was recruited by a Russian national to gain access to their computer systems through malicious software for $1 million dollars. Thankfully, the employee contacted Tesla, who, in turn contacted the FBI resulting in the attempt being foiled. You may wonder what this has to do with your business, and you may feel it’s unlikely you’d ever encounter this scenario. To some degree, you’re probably right; it is unlikely someone would pay $1 million dollars to gain access to your company network if you’re an SMB. 

Is my SMB a target?

While large companies make the news by falling victim to cyber attacks, the dirty little ‘secret’ is that SMB’s are preyed upon even more frequently. As an SMB, you may wonder what an attacker could possibly want. You don’t have anything of ‘value’ to steal. Unfortunately, you’re wrong. They want from you exactly what they wanted from Tesla, your data. You may not face a threat of conspiracy like Tesla did, but you’re just one employee’s careless click away from potential ruin. 

While you can never totally eliminate risk, there are ways to harden your defensive posture and stack the odds in your favor. Traditionally, SMB’s have shrugged off preventative measures due to perceived cost vs. benefit. Today, the stakes are higher than ever. Ransomware alone cost the United States $7.5 billion dollars in 2019. It should be clear by now that it’s important to address the risks appropriately.  

If I could share only two things to help you, it is this: 

  1. Your people are your weakest link, so train them to be a human firewall. This needs to be ongoing training that is measured and validated. 
  2. Add some sort of detection to your network. Once someone is inside your network, if you lack a method of detection you’re completely at their mercy. Having detection in your network is kind of like having airbags in your car. While an accident still presents a risk of injury, your outcome is likely to be much better.

Click here to protect your business.

Information from Chris Brenes, Director of IT and Security

Chris is responsible for all aspects of Entech’s internal technology, IT security, and providing IT security to clients. He focuses his time and talent on our organizational security/policy, and he’s often called upon as a subject matter expert speaker in the areas of cybersecurity and compliance. In combination with his technical expertise, Chris also provides executive leadership and oversight.