Cyber security a greater risk for Australian SMEs

Maintaining online security risks is a never ending task. Catalin Cosoi, Chief Security Strategist antivirus software provider Bitdefender offers tips to help SMEs maximise their security measures as global security concerns spike.

Australian companies are in a difficult position when it comes to granting access to corporate data.

While they need to share more information to develop their business, they also have to restrict and personalise access to sensitive details, addressing ever-evolving bring your own device (BYOD) trends.

In the wake of the Snowden NSA leaks, Australian SMEs are at greater risk than large corporations, as they have limited money for cyber-security.

From netbooks to smartphones and picture-playing devices, Australian employees are some of the most tech-savvy in the world and bring a wide variety of Internet-connected devices to the office. To increase efficiency and mobility, they commonly access corporate data and networks on the go, while chatting with friends, posting social media messages, listening to music and sharing pictures online.

This makes corporate data more vulnerable to phishing, fraud, malware and other threats. SMEs should establish a clear BYOD policy for email, internet and mobile devices.

Businesses that keep their IT services in-house also need to consider the physical security of equipment vulnerable to natural disasters, fire and other calamities. A quarter of businesses do not reopen following a major disaster, according to the Institute for Business and Home Safety.

At a time when strong IT infrastructure makes a business stable and reliable, Australian companies of all sizes need to plan for the unplanned. A disaster recovery plan can make the difference between prolonged chaos and a short and manageable moment of disruption.

Much data loss occurs simply due to human error and carelessness, so SMEs should back up their critical data. Here are several tips for maximising SME security while controlling expenses:

·      Perform an initial security audit. Focus less on existing holes and more on defining the likely threats.

·      Strengthen employee security and loyalty. The insider threat is the greatest, proportionally, followed closely by social engineering. Hire qualified professionals to train staff in good security practices and consider employee background checks.

·      Consolidate your assets and simplify your management by switching to virtualisation, either in the cloud or on-premise. Security for virtualised environments is quite advanced already and the savings in operating costs alone may justify the move.

·       Check provider credentials and contracts when using cloud services and carry out regular security updates on all software and devices.

·      Installing a security management solution will consolidate control for virtualised, physical, and mobile endpoints.
Catalin Cosoi is Chief Security Strategist antivirus software provider Bitdefender.