Published on 21/11/2017 in Innovate
Trojan horses and dangerous worms, the recent WannaCry ransomware, DDos attacks such as the Mirai botnet … The worldwide web seems to have become a real battlefield. But many SMEs today still see this as an issue that doesn’t concern them very much. But is that so? Multinationals are substantially increasing their protection following a series of advanced attacks, an increasingly complex IT infrastructure and new regulations such as GDPR (see text box). So criminals are turning their attention more and more to smaller companies.
After all, they work regularly with big companies and cyber criminals hope to be able to use their company data to find a back door to break into the big fish. They have also realized that it is often more profitable to attack a lot of small companies rather than one big and extremely well-protected multinational.
The good news? You don’t need a huge budget to provide adequate protection. Above all, it is a matter of properly analyzing what you need to defend. Will your business grind to a halt if you can’t send e-mails? Then invest mainly in e-mail protection. Is most of your income generated by a webshop? In that case, you would probably benefit more from excellent web protection.
In addition, it is good to realize that your IT department does not suddenly have to be expanded, even if it only has one person. On the contrary, often it is more advantageous to outsource your protection. After all, in many cases in-house IT teams do not have the specialized knowledge this requires. What is more, they already have so many responsibilities that they don’t always notice threats in time.
Far more than budgets, your employees are often the weak link. Do all your staff know what phishing is or can they recognize suspicious attachments? Do they use watertight passwords that are regularly changed? And are their mobile devices protected with antivirus programs, too? There is no point in buying protection if it is not properly used on your shop floor. So at the same time, invest in short training and awareness courses for your staff so that they realize how important they are for the protection of the company.
From 25 May 2018, European companies that collect personal details will have to fulfill a whole series of rules aimed at better protecting citizens’ data. The General Data Protection Regulation (GDPR) revolves around four pillars:
More info on www.proximus.be/gdpr