The cost of cyber fraud to Irish small and medium-sized businesses has in some cases gone as high as €25,000 and 44pc of businesses are being affected by various forms of cyber crime from both inside and outside their premises, according to the Small Firms Association (SFA).
SFA assistant director Avine McNally said this week that information technology and the internet are key drivers of productivity and growth, but small businesses must be also aware of the potential dangers and address these in a proactive manner to safeguard their businesses and their employees.
McNally has warned small businesses that they are vulnerable when online. “Firms are increasing their use of information technology and the internet on a daily basis, and while this brings enormous benefits to the business, firms must realise that they are vulnerable when online.
“Businesses face a growing problem over online crime, increased spam and cyber bullying and many companies will face future legal action if they fail to have adequate safeguards in place to protect their IT systems and staff from these problems.”
In the past year, small firms have increasingly become the victims of a range of online crimes, including internet scams, identity fraud, phishing and data theft.
“Small businesses need to be very vigilant and tighten up their online security after a recent UK study found that 44pc of businesses have been the victim of cyber crime, whilst a recent SFA survey shows that over 5pc of respondents who trade or offer services on the internet experience fraud”, commented McNally.
“The costs of these incidents ranged up to €25,000, which highlights the potential exposure faced by on line traders and users of internet financial services.”
One of the biggest dangers for small businesses is the threat of sudden spam surges. McNally said.
“Spammers increasingly innovate and employ new methods to elude businesses’ traditional anti-spam solutions. ‘Spam spikes’, as these attacks are known, occurs when individual domains are aggressively targeted. These attacks can be very threatening to small businesses in particular, as their e-mail servers become overloaded, preventing receipt of communications and orders from customers.
“As cyber crime becomes more sophisticated, basic measures aren’t enough on their own – it is crucial for businesses to take a multi-layered security approach. They must look at access control, data encryption and secure password practices, as well as looking at other measures such as staff training,” McNally added.
Another worrying trend, she said, is the increase of cyber bullying where an individual is tormented, threatened, harassed or bullied by another using the internet. This is a growing problem and small firms are being warned they must do more to combat this.
“Companies are easily exposed to claims of harassment and bullying in the workplace, originating in internet use and many employers are unclear how to tackle cyber bullying because it is a sensitive subject, and a relatively new problem.
“Under the Employment Equality Acts, 1998 and 2004, awards can be made up to two years remuneration, in the case of a harassment claim, whilst compensation in civil actions can be unlimited, so these issues should be taken very seriously by every business,” commented McNally. “Companies should immediately update or implement ‘Bullying & Harassment Policies’ to take into account these newer developments.”
A separate survey by the Small Firms Association this week revealed that in 2007 some 340,000 Irish employees left their jobs, with 102,000 leaving because they were unhappy with the people they worked with. Some 85,000 felt their contribution to the company was not recognised, while 68,000 left their jobs because of a lack of advancement. Around 47,600 left for a higher salary while 17,000 left because they were simply bored. A further 20,400 left their jobs for other reasons.
“It is vital for all companies to assess the risks that working online can cause,” McNally continued.
“Firms must have a multi-layered security approach and minimise or remove threats by instigating and enforcing an acceptable e-mail and internet policy within their organisation. The policy must clearly set out rules for personal use and prohibit access to offensive material.
“Information technology and the internet are key drivers of productivity and growth, but small businesses must be also aware of the potential dangers and address these in a proactive manner to safeguard their businesses and their employees”, McNally concluded.
By John Kennedy