Business continuity falling flat over data security
A pair of recent studies shows that more small business owners claim they are ready disaster, yet some are not taking adequate steps to protect their data.
It seems that more companies are taking the stance in terms of content security that if they can't see it, the threat isn't real. A pair of recent studies shows that more small business owners claim they are ready disaster, yet some are not taking adequate steps to protect their data.
The Hartford Small Business Data Protection Survey reported 85 percent of SMBs don't feel their data is at risk and therefore aren't implementing good data security measures. In comparison, a Traveler's Insurance poll of small business owners found about half were at least somewhat prepared with a business continuity plan and an effective insurance policy in the event of a hurricane.
There's a broad market for disaster recovery and business continuity solutions. Tape data backup, for example, is one of the simplest and most reasonably priced means of removing information from a daily-access system and placing it in secure archival storage. Security software also allows businesses to detect threats and alert if an attack has been attempted or if a system has been compromised. There are cloud systems, virtualization, deduplication and disk backup solutions for companies that want to diversify data management.
In short, there's no reason why business owners shouldn't avail their client data of proper safety precautions, but a resounding majority seem to feel it's unnecessary despite the ongoing inundation of threats facing companies of all sizes.
Lack of trust
The disconnect in terms of data protection may come from misinterpreting responsibility regarding loss of sensitive information. The Hartford study found that nearly 80 percent of owners were careful to remove permission access from their own employees but only around 45 percent used firewalls, updated software and performed troubleshooting on network connections to block external attacks.
If companies aren't taking these steps to safeguard business data from the variety of threats, both internal and external, the likelihood of a breach can increase. According to a report conducted by Verizon, the Dutch National High Tech Crime Unit and the U.S. Secret Service, more than 90 percent of data breaches are the work of external attackers, showing a decline in internal involvement when comparing year-over-year values. Business continuity could be threatened by this lack of internal data protection from employee neglect or malicious access, resulting in theft and loss.
Security missteps
The worst part is that owners recognize the damage a security breach or data loss can have on business. The Hartford study found roughly two-thirds of respondents recognized data protection failures hurt the company's image and could result in loss of business. They even admitted to looking down on companies that had been victimized and struggled to recover, the Data Protection Survey reported. When companies lose this kind of respect from clients and can't recover essential corporate data, business continuity is threatened.
Since these owners aren't taking even minimal precautions, the Verizon study shows they fall into the biggest group of commonalities in all data breach incidents last year. More than 90 percent of successful data security breaches were simplistic and 96 percent could easily have been averted if basic protections were in place. Given the weight of data protection in upholding business continuity, it would seem counterintuitive for companies not to invest in backup solutions.
"Most of the business owners surveyed believe they are not at risk," said the Hartford's Lynn LaGram regarding the Data Protection Survey. "In fact smaller businesses are increasingly being targeted … It is important for business owners to take proactive measures to protect data and minimize the likelihood of a breach."
Lack of confidence
Hartford's data showed almost half of small businesses just didn't feel they could meet compliance and data security requirements if they were to try and implement them. Even though averting disaster could be easy for these organizations, a lack of trust in their employees as well as their own capabilities may cost them and their clients in the end.
Spotlight
Cloud Computing
- US makes large investment in cyber weaponry
- Wall Street has data security concerns over Bloomberg reporting
- Security in backups means more than just encryption
- Employees must buy into the company policy for better cloud security
Virtualization
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Internet Safety
- Virtualization-specific challenges could threaten data security
- Evolving threats put security skills in high demand
- Virtualization security requires education, access control management
- Tips for launching effective virtual security tools
Vulnerabilities & Exploits
CTO Insights
First Line of Defense
Newsletter
Stay up to date with the latest news and information on online threats.
Recent News
- Cloud security group develops third-party certification program
- US makes large investment in cyber weaponry
- SEC may ask for more information after cyberattacks
- FBI trying to train financial execs on cyber threats
Tag Cloud
cloud cloud computing cloud computing security Cloud Security Compliance & Regulations Consumerization Current News cybercrime Data Privacy data security Encryption Government Policy Internet Protection Internet Safety Internet Safety - DO NOT USE Internet Security Malware Mobile Security Mobility Policy Policy - DO NOT USE Privacy Privacy & Policy Private Cloud Public Cloud Reports Research Spotlight threat intelligence threat research Trend Labs Underground Economy virtualization Vulnerabilities Vulnerabilities - DO NOT USE web security web threats
Comments
No comments yet