Securing your small business against new cybersecurity threats



With economic turbulence and an ongoing pandemic, 2021 is challenging enough for small businesses without having to deal with the latest cybersecurity threats. Sadly, there’s no choice. A 2019 survey by the UK’s federation of small businesses found that they were collectively subject to almost 10,000 cyber-attacks per day. A 2020 GOV.UK survey noted that nearly half of UK businesses had reported a cyber-attack during the last year, and that a third were under attack at least once per week.

But with only the smallest IT teams and so much else to contend with, how can small businesses hold the fort? Here are eight ideas.

1. Know your weaknesses

Start by analysing your firm’s digital attack surface. Which assets and data are most sensitive? What personal information do you hold and where? Where is your network most vulnerable to attack? Have remote working practices created additional risks? You need to go beyond PC and server security to look at weak points across your infrastructure, so you can go to work on reinforcing them.

2. Manage user behaviour

Even in the pre-COVID era, the workforce was one of the biggest vulnerabilities for any firm. Not only are phishing attacks and credential theft still rife, but end-user attitudes can be part of the problem. A 2017 security report for Dell found that 72% of employees were willing to share confidential data externally, while half were prepared to do so over email and personal cloud services. Approximately 41% would work around security safeguards if it helped them get their job done.

The risks have only increased with the rise of remote working, with even more temptation to use consumer-grade cloud services or click where you shouldn’t click. Businesses need to handle this through, first, continuing security education and, second, providing secure, enterprise-grade methods to share and access data. If you want things done right, provide the right tools.

3. Keep your hardware and software secure

No business should neglect the fundamentals of good security, including installing anti-virus software and keeping all essential software patched and up-to-date. Here, Dell PCs and laptops come equipped with technologies like Intel vPro and Intel Hardware Shield, enabling companies to push security updates to remote workers as a group while providing new layers of security below the OS. Companies need to apply this approach across the whole infrastructure, including servers, network devices and access points, if they want to minimise their risks.

4. Backup your data

All businesses need to maintain regular backups of their most important data, and ensure that these are kept up to date and in a state where they can be easily restored. This not only prevents disruption from the loss of data but limits the threat of a ransomware attack.

The UK government’s national cybersecurity centre recommends that companies identify the data they need to backup and keep a regular backup in a separate location – potentially on the cloud. Beyond this, the NCSC recommends staying up to date with security guidance and making backup a part of your everyday business. The more any security measure is intrinsic to operations, the more effective it will be.

5. Have a business continuity plan

If the last 12 months have shown us anything, it’s that every business needs a business continuity plan. This should be informed by a top-down understanding of your key business assets and activities, and detail how you can protect and maintain them in a crisis. Building in support for flexible working practices helps, as does using robust data replication and backup tools, using active replication or cloud sync. And by building resilience into your IT and network infrastructure, you give the business more scope to roll with the punches and survive a crisis.

6. Secure the remote workplace

The remote workplace throws up more cybersecurity challenges, so prioritise practices like effective password management and authentication. Dell works closely with Intel to build in support for technologies like Intel SafeID, which stores and protects credentials in hardware, and Intel Authenticate, that deliver hardware-enhanced multi-factor authentication.

7. Work with your peers

Your business might be in competition with many others, but when it comes to cyber-security, we’re all on the same side. Look to trusted third-parties for information and advice on security, whether that’s the NCSC, CERT-UK, industry analysts or the IT media, but also look to peers in your industry and others. Are there new threats they’re experiencing, and how are they tackling them? Can you share your own experiences and insights with your peers?

8.Get the end-to-end perspective

One of the biggest challenges facing small businesses is maintaining an end-to-end perspective, but vendors and service providers are equipped to help. Dell Technologies Advisors can help businesses find and deploy the best, most secure intel-based technology for their requirements, then provide best-in-class support through the product’s lifecycle. Not only does this mean stronger security out of the box, but hardware and infrastructure that remains secure through to end-of-life.

Dell understands that small businesses need to authenticate their users, control access to sensitive data and monitor data use in real-time, and that they need to do so without the manpower of larger organisations. That’s why it offers free, tailored advice and intel-based security solutions that protect your data and secure your business against emerging threats. To find out more about how Dell can help, visit Dell Small Business Solutions.