The Small Business Technology Institute (SBTI) and Symantec Corp. recently announced the results of a new report titled "Small Business Information Security Readiness."?? The news is not great for us. The report confirms that small business information systems are increasingly vulnerable to attack. We need to get better at using security technology, creating proactive security policies and become better at protecting our information assets so we can minimize business risk.
Here are some key issues from the report:
- The accelerating adoption of networking and mobile computing is driving greater security exposure for small businesses. Small business technology adoption is growing rapidly in areas such as networking, mobile computing and Internet access, even among one-person, home-based businesses. However, many small businesses lack sufficient security controls over even basic systems such as e-mail (20 percent are not secured) and wireless networks present a new area of concern (60 percent are not secured). Most small businesses (75 percent) perform no formal information security planning to counter these threats.
- Small businesses consider information security a priority, but are not increasing their investment in protection to keep pace with increasing threats. The majority of small businesses (56 percent) have experienced at least one security incident in the past year, citing computer viruses, spyware and other malware as the main cause (60 percent). Yet only a small number (30 percent) have increased spending on information security solutions and less than half (43 percent) allocate a specific budget for these solutions.
- Small businesses continue to call for security solutions and product information that is tailored to meet their unique needs. The majority (70 percent) of small businesses feel information security product materials could be improved to help them make more informed purchasing decisions.
- Small businesses demonstrate limited awareness of information security issues and poor understanding of the economic consequences of related incidents.
Doesn’t sound too good, does it? Think about this. It only takes the loss of your techology resources (think computer) for one day to devastate your business. What are you going to do about it? Leave me a comment.