The school year may have drawn to a close, but there’s a bigger test facing small business owners no matter the time of year. Here’s a quick pop quiz: what are you doing to protect your Information Technology (IT) from malware?
Just like students who put off studying for final exams, businesses have a lot of “reasons” for not investing in good antivirus and IT security solutions. In fact, according to a recent study by McAfee, one in six computers are completely unprotected from online threats, with 19.32% of US systems failing this most basic security test.
Today we’re going to examine the excuses given for not adopting an antivirus solution, and what the consequences could be for your business.
“We’re too small to be a target.”
Maybe you’re a very small shop and think malware authors are only after the “big fish.” Unfortunately that’s just not the case. Malware attacks don’t focus on individual large payouts; instead, they target huge numbers of victims (large and small) to collect a profit. Fake antivirus software, or scareware, can “sell” for less than fifty dollars a pop. Unlocking company data can lead to identity theft for you, your employees, and your customers, with each hit leading to potential new victims for the bad guys.
Here’s how a GFI senior threat researcher put it:
Anyone who goes on the internet is a potential target for cybercriminals looking to infect systems and scam users.... Malware writers and phishers do not discriminate. They purposefully cast a wide net when picking their methods of attack in order to reach as many targets as possible. Whether you are a young gamer, a successful business owner or a government employee, you need to be wary....
Good advice, and one that leads to our next point.
“We’re careful in how we use the Internet.”
We’re glad to hear it, but here’s a follow-up question: what do you mean by “careful?” And just where does that oversight begin and end?
For example, maybe you’ve got great compliance on how your employees use their workstations (congratulations!) But what about the other technology they use? According to a recent study sponsored by TrendMicro, 69% of participating small businesses reported that sensitive company data was often transferred to mobile devices. Infected public wireless (including hotels used for business trips) and mobile specific viruses (which doubled in less than three years) could now affect your business.
Even if you managed to keep everything “in house,” cautious Internet usage is not a comprehensive security plan. Malware continues to grow in complexity and sophistication, and there are any number of ways your IT could become at risk even when you feel you’re doing everything right. Drive by attacks can come from web ads, misspelled urls that imitate a legitimate site, and even normally dependable portals that are hacked.
Prevention is great, but it’s only as good as every member of your team, and it can’t clean up the mess once an infection happens. Of course, some may feel they don’t need even that bit of protection because....
“We only use [fill-in-the-blank], and those systems don’t get viruses.”
Oh really? That’s a pretty sweet system: did it come with a free unicorn? Seriously, though, there’s a mistaken belief that certain companies are immune to malware. Invest in them, the thinking goes, and your business will have the IT version of Superman.
Remember, though, that even the Man of Steel could be brought down by a bit of kryptonite. Here are some cold hard facts about vendor vulnerabilities:
- Malware has spread to every known computer system, even in space.
- Cross-platform programs can lead to cross-platform infections (such as the recent JAVA exploits leveraged against both Windows-based PCs and Macs).
- The sheer number of attacks are increasing exponentially as malware kits have gained in popularity and usage.
Convinced, but still afraid your small business won’t make the grade?
“We can’t afford good antivirus.”
But can you afford to fix an infection? The truth is that going without protection can be far more costly than making an initial security investment. According to a recent study by the Ponemon Institute, companies suffered 72 attacks a week, with the average recovery time being 18 days at a cost of $415,748.
Fortunately, there are many antivirus vendors that offer solutions to keep small businesses secure without busting the bottom. line. Here at Cii we’ve found good results for our clients from our partners at McAfee and GFI, and we can help you wade through the different plans available to make the most of your investment.
Any final questions, class?
In closing, here’s a great quote from McAfee on why they’ve tailored security solutions specifically for small businesses:
SMBs are in a unique situation when it comes to defending themselves against the rising tide of cyber threats that cover the business and technology landscape. They can’t afford high-priced IT and security talent on-site; they can’t afford a breach that threatens their very existence, and they know that the space they occupy is going to attract more, not less, attention from the hacker community. Additionally, the proliferation of mobile devices driven by the need for any time, any place access to company data and service is adding to the enormous challenge of keeping these companies secure with limited IT resources.
Sounds like a summary of all the points we just went through, doesn’t it?
Malware is certainly a threat to businesses of all sizes, but this is one test that you don’t have to face alone. Choosing a good antivirus and security partner can make all the difference in success or failure. Make sure you have the right support system in place to ace the test and keep your small business protected from malware.