Cyber threats are a risk to SMEs on a daily basis, and in many cases SMEs are targeted more frequently than larger enterprises. Cyber-attacks can be costly both financially and in terms of business reputation and legal standing. Awareness and preparation are key to looking out for security threats, and preventing them from materialising into a genuine threat. So what are the main things for your customers to look out for?
Phishing is on the rise
One of the most recently increasing cyber security threats is phishing, or spear phishing. This involves creating emails to appear as if they’re from a trusted source (like a colleague, boss or client who is in regular contact with the business) containing a link which they are encouraged to click on. This allows the cyber criminals to gain access into the network and encrypt data until the business pays a ransom to “unlock” their files and data. To prevent this, and other malware attacks, your customers should be aware of the risks, shown how to spot phishing emails, and encouraged to ask questions before opening any links they are not expecting to receive. At the same time, regular backups should be taken so that data is recoverable even if it is compromised.
Internal sabotage and data access
Of course, SMEs are not only at risk from external threats – there is a chance that internal employees could also pose cyber security risks. Disgruntled employees or past employees who are able to access highly confidential information have the ability to cause real damage to your customers’ business. As their IT provider, it is is important to keep track of employee access, removing accounts and users once people leave, and implementing restrictions at different levels to limit the volume of confidential data that employees have access to so that it is only those who are required to view specific information that can see it.
BYOD device and remote working threats
The chances are that many of your customers’ employees are not going to set out to sabotage their business and compromise data security maliciously; however there are ways that employees also increase cyber security threats without realising. The most common of these threats is due to Bring Your Own Device (BYOD) schemes which allow employees to work remotely from their mobile devices. The problem is that data can then be accessed on-the-go and connect to unsecured networks, or devices can be stolen. To prevent data being compromised, you should ensure that passwords and access is restricted to allow only necessary access, and that remote access is gained using a secure VPN – which is essential if employees are working linked to a public WiFi network.
Prevention through education
There are many cyber threats that SMEs face every day, but it is not impossible to reduce the risk of your customers falling victim to these attacks. Educating your customers and delivering cyber security training is central to ensuring that they don’t make themselves likely to be targeted. If you’re looking to spend time training your customers, or implementing new areas of cyber security but don’t have the in-house resources to do so, give Marathon a call today on 020 8329 1000 to discuss our white label services.