Why data protection is more important than ever for SMBs

Over the past few years, hackers have become bolder and cyberattacks are on the rise. According to the HISCOX Small Business Cyber Risk Report, 47% of small businesses suffered a cyberattack within the past year. Of those, nearly half experienced up to four more attacks.

Along with fraud, cyberattacks are ranked among the highest concerns of small business owners for keeping their businesses alive and healthy.

How bad is it out there and what can you do about it?

It can happen to you

Let’s look at the numbers.

According to a recent Internet Security Threat Report from Symantec, nearly half of all small businesses will be the target of a cyberattack. Less than 20 percent of those businesses believe they currently have the ability to mitigate those attacks. While large businesses are also susceptible to attack, they are likely better positioned and prepared to effectively defend themselves.

Of those attacks that target SMBs, customer records are the most targeted type of information followed closely by intellectual property, credit card numbers, and other financial information.

You can lose your business

The news gets worse.

For businesses that fall prey to a successful cyberattack, the costs can be overwhelming. In a report by the Ponemon Institute, on average, SMBs lost approximately $2 million due to damage or theft of sensitive IT data. The disruption to business operations can cost even more. In the case of healthcare or finance industries, which have heavy regulatory compliance issues, violation fines can often triple that expense.

Responding to a cyberattack after the fact is too little, too late. The damage has been done to your business assets and your reputation.

How you can protect your data

It’s not all doom and gloom. There are ways you can protect your data from bad actors and save yourself the headache of an embarrassing and damaging cybersecurity breach.


The very first level of security protection involves solid, safe, and sensible authentication protocols. This not only means having a strong password creation process but also considering the use of two-step authentication.

In addition, you can establish and enforce policies to change passwords on a regular basis and educate employees about not sharing password information with anyone.


Encryption goes a long way in keeping your data safe. Even if a bad actor manages to get access to your networks, when you have the proper encryption tools and protocol in place, accessing that data will be worthless to them. Encryption can be placed on either or both ends of an information exchange – from mobile devices and desktop workstations to network servers or cloud applications and storage.

Employee education

It is often said that your greatest assets are your employees. This is no less true when it comes to protecting your company’s data. Make sure your employees not only understand the importance of correct password and encryption use but also safe email and internet use. They should know when to be wary of phishing emails, suspicious attachments, and links that are not what they pretend to be.

Simple precautions can save you and your business a lot of trouble.

Consult the experts

Depending on your business needs and size of your network, you may wish to consult with a managed service provider who can help determine your security needs, provide monitoring, and offer support either online or remotely. They can also help you formulate a disaster recovery plan should your data be compromised in any way.

Forewarned is forearmed

Knowing the risks and knowing how to minimize those risks is your best bet in helping your business survive the rising tide of cybercrime constantly looking to compromise your data and hurt your business.

The threats are real and the consequences can be devastating. By taking precautionary steps, shoring up your network security, and educating your employees, you can keep your business running smoothly and safely and focus on growth rather than disaster.