Small business owners continue to worry about fundamental technology issues, according to new Yankee Group research, and are increasingly concerned about data security. Despite these concerns, however, budget limitations and fear of inflicting more harm to technology than good often stall investments to ensure system security and reliability. It’s like security analysis paralysis.
Forty percent of small businesses polled say protecting their companies from outside security breaches is an important issue, but nearly half defer security upgrades due to cost concerns. A quarter of those surveyed are concerned one system upgrade will trigger others. One out of five is worried they don´t know enough about the technology to make the right decisions. But it’s critical for your small business. You simply must wear this hat to protect your business or hire someone to do it for you.
Research also shows that although small businesses are aware of their own lack of expertise, peers — small businesses who often share the same limited technological sophistication — are their No. 1 source for technology recommendations and advice, followed by the Internet. No surprise huh? How many times have you visited a forum or your favorite discussion list and asked a technology question?
Often, free advice can be much more damaging than the cost of paying an experienced technology consultant, or solution provider, according to the nonprofit Information Technology Solution Providers Alliance (ITSPA). "While turning to business associates and using free Internet research can be good first steps, it can only get the small business owner so far," said Russell Morgan, president of ITSPA.
Here are a few things you can do to get your business is top security shape.
- Start by addressing the human factor in keeping the company´s network and data safe. Just like most other important initiatives, the business owner sets the tone and urgency for creating a security mindset among all employees. Remind staff members not to post passwords for others to see and to refrain from giving out login names and passwords to others outside the company.
- Never underestimate security threats. It´s better to be prepared and treat security as an ever-changing problem than not to be ready for the newest worm or virus attack.
- Develop a comprehensive security strategy. Simply buying anti-virus and anti-spam software is not enough. A documented security policy will cover access issues, e-mail protocol, file services, application installation and Internet use.
- Create a business continuity plan. If an attack or security threat does occur, the plan will help keep the business running smoothly.
- Get evaluated. A solution provider can determine what kinds of security programs are suited for each particular business and tailor solutions to the specific needs of your industry.
What do you think? Other suggestions? Leave me a comment.