Research study: Small businesses are unprepared for cyber attacks

Bank of the West’s new survey, “Fighting Fraud: Small Business Owner Attitudes about Fraud Prevention and Security” found that while 95% are taking some steps to prevent fraud, there are serious gaps in fraud prevention.     In many cases, small business owners underestimate their exposure to fraud and do not take preventative measures.  Here are some highlights from the report:

• Half (49%) neglect to conduct regular checks of the business’ financial and inventory departments.
• Only 33% use centralized payroll and approved vendors and only 30% use fraud prevention services.
• Only 36% have business data security policies in place, and only 2 in 5 (41%) small business owners have a written policy concerning remote networking, email and Internet safety procedures for their company—despite the fact that 69% say employees’ personal computers are used for work.
• Less than half (48%) secure documents properly – either in locked files or with password protection.

Related articles

• Finovate: Fraud prevention tops agenda (crainsnewyork.com)

ASDV8N8CHGYV

New Research Study: BYOD Threat is Not Addressed

A new study released by Cisco and BT reveals that most companies are doing very little to combat the threat of Bring Your Own Device (BYOD). Cisco and BT conducted surveys with office workers, business and IT decision makers across 13 countries.

What is BYOD? Bring your own device (BYOD) means allowing employees to bring personal mobile devices (laptops, smartphones etc.) to their place of work and to use these devices to access secure company information. According to research from the Aberdeen Group, 80% of companies allow BYOD. Some of the risk associated with BYOD include:
• In many cases, BYOD devices do not meet the security standards of a company and therefore make the company more susceptible to a data breach
• Employees leaving the company, can leave with access to web applications and other sensitive company data on their own personal martphone
• Lost or stolen phones can result in data breaches, when third parties access private company information

Summary of Research
• Only 36% of companies have a BYOD policy in place
• 32% of companies plan to institute a BYOD policy in the next twelve months
• 24% of companies allow and encourage BYOD, actively managing and supporting any device that users want to bring in
• 18% allow BYOD but with little management/support

What Small and Medium Business can do to combat the BYOD threat?
– Institute mandatory policies for employees who are accessing data via BYOD that include permissible use of devices, how data and passwords are stored and legal agreements relating to access to applications in the event of termination of employment.
– Install device management software to enable more management control over these devices including how data is used and how the company network is accessed.

Small Businesses are the Easy Target for Cyber Criminals

A study by NCSA/Symantec reveals some disturbing information about the state of preparedness on the part of small businesses to detect and thwart cyber-attacks.  There are two basic (and not surprising) conclusions from the report: (1) small businesses are extremely dependent on the internet for their operations and (2) small businesses lack policies and procedures that relate to internet security.     Here are some chilling statistics to consider:

68% – NO Internet network usage policies that include employee responsibilities to protect a company’s data, customer data and personal data?

69% – NO informal policies relating to the internet

70 – NO training for employees on how to safely use the Internet

75% – NO policies that relate to how employees use social media

83% – the percentage of companies that have NO written cyber-space security plan in place

90% – NO internal IT manager solely focused on IT issues