Secure your computers

MENTION the words IT security to a small-business owner and the chances are that he or she will start yawning. But IT security matters to small firms. Studies by Microsoft have found that seven out of ten small firms that suffer a big loss of company information go out of business within a year. Most of us know about viruses and spam, but what about phishing, key-logging and botnets? The number of cyber attacks is rising, with 62% of small firms saying they have suffered an information-security incident in the past year. And recent research by Business Link, the advisory service for companies, shows that almost half of small businesses expect a breach of their IT security in the next year.

“There are two issues - internal and external,” said Jonathan Hollow of Business Link. “What your staff do may compromise your security, and what is happening in the outside world of viruses may impinge on you. It is about guarding the two fronts.”

To help small firms deal with this, Business Link offers a free IT risk-assessment tool (businesslink.gov.uk/ itsecurity). You input some facts about your business and it gives a breakdown of the risks you face as well as practical advice on how to minimise them.

“We have found that the traffic to that area of our service is growing all the time,” said Hollow. “But a great deal more still needs to be done to raise awareness.”

With PC sales to British small businesses passing 3.5m units last year it is an area that touches most companies.

One of them is the online retailer A Quarter Of (aquarterof.co.uk), founded by Michael Parker in 2001 to sell old-fashioned sweets. Parker has had to develop his company model to minimise the risks to his business and his customers.

“From day one I thought about how I could convey on our website that it was safe. And from day one we have never taken credit-card details here, because I have never wanted someone to be able to break into our premises and take card numbers, or tap into our system to get them,” said Parker. “Our site has always been secure, and every time we have had the option of having data secured we have taken it.”

Customer data are important to any business and, according to research by the computer maker Dell, data storage and data security are high on the list of concerns for small businesses.

Bob Bennett, who manages the Latitude notebook brand at Dell, said that today more laptop computers are being sold than desktops. And with so many portable machines leaving the office at the end of the working day, concern over data security has grown.

“More and more of these machines are being used outside the network environment. You want to make sure that company information is secured and that the people using it are the correct people,” said Bennett.

All kinds of technologies are being created to make computers more secure. But cost is one of the main obstacles for small businesses. For large organisations, setting money aside for IT is all part of their business plan. Such investment is harder for small firms, but Bennett is optimistic about what is on offer to them.

“With operating systems like Windows XP, you can fairly easily secure your wireless network, and there is some basic protection that will give you a reasonable amount of security. It is not the black art that it used to be. We live in the point-and-click world and there are a lot of point-and-click security solutions.”

Some of these solutions can be easily found on the internet, and are often free. They include antivirus software, antispyware and firewalls.

Even banks are starting to help small businesses with their IT. Barclays offers a range of tools to protect company computers and the data stored on them.

One of the biggest problems for small businesses is retrieving data that have been lost through an accident, hacking or misuse of the IT system. With 92% of companies storing business-critical data on their IT systems it is vital that they can do this.

Microsoft research shows that loss of data is considered to be one of the key reasons for business inefficiency, but only half of small businesses are backing up their data daily.

Making sure your company has an IT policy that covers areas such as data access, security and internet use is the first step to protecting a business. It is also advisable to brief your staff on the security policy, so they are aware of what they can and cannot use your IT systems for.

As Parker at A Quarter Of said: “If you are not sure, then don’t do it.”

Security is an industry-wide issue. Cyber-crime is exactly that - a crime. Criminals will always try to find ways to exploit vulnerabilities for their own gain.

But Bennett feels positive about the future of IT security at small businesses. “The risks of not protecting yourself are going up but the cost of protecting yourself is going down all the time,” he said.

SIMPLE STEPS TO TAKE

Think of the worst thing that could happen to the IT in your company - for example, your server being stolen, or a hard disk failing. Then make sure you have something in place to deal with such a situation

- Back up your data - and do this every single day

- Take the back-up off-site for storage in a safe place

- Ensure that all your antivirus/anti-spam programs and so on are constantly updated

- Be very careful about downloading programs from the internet, opening e-mail attachments and so on. If you are not sure they are safe, don’t touch them

- If you have a wireless network make sure it is secure. If it isn’t, it is like leaving your company’s front door open 24 hours a day.

Created by: James Scoltock