4 HUGE Misconceptions About Business IT Security

When it comes to IT security, many business owners think that hackers are only targeting large businesses. We see things like the Target and Home Depot breach in the media and we think they’re the only ones having trouble with hackers. But the fact of the matter is that more and more, hackers are turning to small businesses to try to cash in. From ransomware and phishing for your credentials, the risk is real for business owners that are trying to protect their data.

When it comes to IT security, many business owners think that hackers are only targeting large businesses. We see things like the Target and Home Depot breach in the media and we think they’re the only ones having trouble with hackers. But the fact of the matter is that more and more, hackers are turning to small businesses to try to cash in. From ransomware and phishing for your credentials, the risk is real for business owners that are trying to protect their data. Rather than making assumptions and using old knowledge to guide your IT security strategy, it’s time to challenge what you thought you knew. Here are a few huge misconceptions about business IT security:

1. Thinking you aren’t the target.
   This is probably the most dangerous assumption to make, because it gives you an excuse to put things on the back burner and delay your IT security improvements. The fact of the matter is it’s not just the big guys that hackers are targeting. In fact, in recent years, hackers have gotten wiser to the fact that big businesses are investing millions into security, while small businesses aren’t doing that. While these stats come from a study completed in the UK, we have to imagine that we have similar issues in the US: 74% of small businesses reported a security breach in 2015. Cryptolocker and ransomware are becoming massive opportunities for hackers to encrypt your network and demand thousands (sometimes hundreds of thousands) for access back into your data. Don’t make the incorrect assumption that small businesses aren’t the target, because they absolutely are – and the faster you get over that assumption, the faster you can protect your livelihood.
2. Underestimating the value of your data to a hacker.
   Never underestimate the value of the data that you hold. Hackers understand that that data means a lot to you and that you’ve paid employees to work countless hours to compile it. If you’re a consumer business storing customer financial information, there’s an entire marketplace where hackers sell identity and credit card information. Something as small as access into an e-mail account for $10, and a Facebook account for $20. These hackers are making a living selling you and your customers information on eBay. You need to understand that this is real and your data has a value. Protect it, even on the personal level, like you believe that.
3. Underestimating the importance of the basics.
   Windows updates, antivirus updates… you NEED to install these things. If you have Managed Antivirus you probably already have your network administrator or Managed Services Provider doing this for you, but if not you need to be sure that you are constantly updating. These updates are usually fixing security holes that have been exploited by hackers. When you click ignore you’re aren’t closing those holes and you’re leaving your network open to hackers.
4. Thinking Macs are impervious to infection.
   Yes, it’s true that 95% of viruses are written for Windows and not Mac, but you have to understand that number used to be 99.99999%. Now, more and more apple products are finding their ways into hands of consumers and businesses, which means that more and more hackers are going to be turning their attention towards exploiting the security holes in those platforms.

You know what they say happens when you assume, right? Your network gets taken down by a garage hacker, you get cryptolocker, you lose all your data and you end up really sad. Okay, maybe not that bad (as long as you have a good business continuity solution in place), but don’t underestimate the importance of a really secure network. Managed antivirus, an updated firewall and router, and savvy employees are just the beginning. If you even have the tiniest doubt about the security of your network, bring in an IT security professional to check things out.