Only 25pc of SMEs very confident about their data security measures – research

18 Jul 2012

Even though 41pc of owners of small and medium-sized enterprises (SMEs) are concerned about their computer systems being hacked, only one-quarter of them are very confident about the security measures their company has in place to protect their data, research by small business insurance firm Hiscox suggests.

What’s more, 10pc of SMEs say they have experienced being hacked, and risks pertaining to cybercrime are of greater concern to SME owners than the loss of physical items such as laptops or customer paperwork. Thirty-nine per cent of SME owners are more concerned about hacking, 36pc are more concerned about phishing, and 31pc are more concerned about losing physical items.

“Cybercrime is costing the UK economy around stg£11bn a year and while the media is reporting a growing number of high-profile data breaches, some small businesses may also be a popular target for hackers because their systems are usually easier to get into and the breach may not be found out for a good few weeks,” says Hiscox SME insurance expert Alan Thomas.

Hiscox offers the following security tips to help SMEs protect themselves against online risks:

  • Protect information with an internal ‘need-to-know’ policy. If storing information on a central file server, manage who has access to these files. This can help prevent accidental or deliberate data loss.
  • Encrypt important information for extra security so only authorised users will be able to access the data.
  • Using the internet and email to conduct business means data loss becomes a bigger risk. Develop a clear email policy and raise online security awareness with employees and follow up on suspicious emails even if they’re a one-off.
  • Make it protocol across the business for employees to use numbers and letters in passwords that provide much more robust protection from cyber-criminals.
  • Back up your files.
  • Items like laptops and computer monitors are common targets for thieves and the real cost of a stolen IT asset isn’t just the hardware; it’s the lost data and the lost productivity. Lock servers in a room and move laptops into a secure drawer at the end of a working day.

Tina Costanza was a journalist and sub-editor at Silicon Republic