Top 10 Security Mistakes SMBs Make

Small and midsize businesses need to work on fundamental security errors to reduce risk of costly incidents.

With hackers turning up the heat in 2011 and security breaches increasingly costing businesses more money in clean-up costs, notification resources and compliance fines, the stakes are high for small and midsize businesses (SMBs) to improve their security processes.

"An attack that costs $20,000 might not make the headlines like a Fortune 100 losing $1 million, but to the SMB, proportionally it could be just as devastating," said Brian Contos, director of global security strategy at McAfee.

That's why it is so important for SMBs to start thinking seriously about addressing the following key mistakes commonly made within smaller companies.

1. Thinking They're Too Small

A lot of the cascading technical and process deficiencies at SMBs stem from the fundamental belief that security doesn't matter because their firm is too small to worry about it.

"That's one of the biggest mistakes we see out there, thinking that small means that security doesn't apply to you," said Doug Landoll, solutions architect for Accuvant. "If someone is still in that mindset, they need to get out of that."

First of all, on the compliance front SMBs are not likely to get a pass from regulators because their organization only has 10 employees.

"It doesn't matter how large a transaction is, it doesn't matter how many pieces of data you have, just the fact that you have that sensitive information is all that matters," Landoll said. "Regulations don't change according to size."

Read the rest of this article on Dark Reading.

Read our report on how to guard your systems from a SQL attack. Download the report now. (Free registration required.)

Newest First  |  Oldest First  |  Threaded View