Small businesses have a false sense of security about Internet access
Most small business owners believe that Internet security is critical to
their success and that their companies are safe from cyber security threats: but
most fail to take fundamental precautions. This is the major finding from a
survey of US small businesses.
alt="Security Manual - Sarbanes-Oxley" vspace=3 align=right
src="http://www.it-toolkits.com/images/Securitymanual.gif"
longDesc="Security Manual Template - Sarbanes-Oxley">The survey found that
two-thirds (67 percent) of US small businesses have become more dependent on the
Internet in the last year and 66 percent are dependent on the network for their
day-to-day operations. What’s more, 57 percent of firms say that a loss of
Internet access for 48 hours would be disruptive to their business, 38 percent
said it would be ‘extremely disruptive’ and 76 percent say that most of their
employees use the Internet daily.
The vast majority of small business owners think their company is
cyber-secure as 85 percent of respondents said their company is safe from
hackers, viruses, malware or a cyber-security breach and seven in ten (69
percent) believe that Internet security critical to their business’s success.
Additionally, a majority (57 percent) of small businesses believe that having a
strong cyber security and online safety posture is good for their company’s
brand.
Despite this, a closer look reveals that most small businesses lack
sufficient cyber security policies and training. 77 percent said they do not
have a formal written Internet security policy for employees and of those, 49
percent reported that they do not even have an informal policy. More small
business owners also said they do not provide Internet safety training to their
employees than said they do – to a tune of 45 versus 37 percent. And a majority
of businesses (56 percent) do not have Internet usage policies that clarify what
websites and web services employees can use and only 52 percent have a plan in
place for keeping their business cyber-secure.
At the same time, small businesses may not understand how to respond to
online threats or the danger they pose. For example, 40 percent of small
businesses say that if their business suffered a data breach or loss of customer
or employee information, credit card information or intellectual property, their
business does not have a contingency plan outlining procedures for responding
and reporting it. Two-fifths (43 percent) also say they do not let their
customers and partners/suppliers know what they do to protect their
information.
The survey also found that 69 percent of their businesses handle customer
data while about half (49 percent) handle financial records, one-third (34
percent) handle credit card information, one quarter (23 percent) have their own
intellectual property, and one in five (18 percent) handled intellectual
property belonging to others outside their company. When asked to rank the top
concern of small business owners while their employees are on the Internet, 32
percent reported viruses, 17 percent spyware/malware and 10 percent reported
loss of data. Yet only 8 percent are concerned about loss of customer
information, 4 percent about loss of intellectual property and only 1 percent
worry about loss of employee data, even though cyber security experts believe
the loss of any of this kind of information would be devastating to a
business.
Leave a Reply