SMEs Must Shape Up (IT Security) or Ship Out (Staff)

A new survey has revealed that 57% of businesses recently suffered a virus attack, with half of these caused by internal staff breaching IT security rules. SupportPlan, a London-based IT support company, claims too few firms are taking crucial steps to stop this occurring, with SMEs running the greatest risk of IT security breaches.

The same survey showed that, although many companies have policies in place to combat virus threats, too few are taking the necessary action to prevent staff from downloading non-work-related applications, opening infected emails and de-activating security software.

SupportPlan, whose clients include the Institute of Directors, Abbey National, the Daily Mail Group, and Proctor and Gamble, as well as many small- and medium-sized companies, warns that SMEs do far too little to help themselves against accidental or wilful damage by employees.

Steve Gibson, Managing Director of SupportPlan, explains: Smaller companies are still willing to gamble when it comes to IT security, and it’s a gamble that can have terrible consequences when things go wrong. A lot of damage can be prevented by properly educating staff about the threats facing their company’s network and the role they could play in preventing outside attacks.

Good IT support usually costs time and money, something which many SMEs believe they can ill afford. However, when you assess the potential impact of a security breach or infrastructure failure, the sums suddenly look very different. Downtime can have a massive financial effect on a business and, if you do not have a system that has been set up so it can be fixed quickly, then the costs of getting back to normal can be extremely high.

Larger corporations can afford the expertise for best in-house practice. SMEs have a much smaller budget for IT and so can rarely cover this. Even with an efficient IT department, they will probably have to outsource for that kind of specialised knowledge.

In order to effectively combat IT security threats, all firms need to be aware of and adhere to the following steps:

(Re) evaluate your company’s IT security needs, and if you are not an expert, get one in to assist;
Assess the potential financial impact of downtime and disruption in respect of each threat;
Plan your IT security and disaster recovery investments accordingly;
Implement the appropriate IT solutions;
Educate your workforce and enforce policies;
Manage your IT solutions and end-users.

SupportPlan provides high-level, affordable IT support for companies with five or more users, ensuring that all of a company’s data is safe on a 24/7 basis.