SMBs Easy Targets for Cybercriminals

SMBs Easy Targets for Cybercriminals

New Zealand’s smaller organisations need to take Internet security more seriously, AVG (AU/NZ) warns

Auckland, 27 June 2012 — Small- to medium-size businesses (SMBs) are still easy prey for cybercriminals, warns AVG (AU/NZ) Pty Ltd, distributor of AVG Technologies’ award-winning AVG Internet and mobile security software in New Zealand.

New Zealanders lose up to $500 million each year[1] by leaving themselves vulnerable to cybercrime, international scams and fraud.

Exposure to such illegal activity has risen for New Zealand’s smaller organisations which are embracing technologies that facilitate mobile working, and yet are not fully alert to the additional risks to business security. For example, businesses are readily adopting social networking as a promotional opportunity to engage with customers, but are not taking the further precautions required to protect against associated online threats, such as web link scanning.

Michael McKinnon, Security Advisor at AVG (AU/NZ), said: “If you are the owner of a small or growing business, chances are you think you are too small for cybercriminals to be interested in you. But you are well advised to think again. With many cybercriminals using automated scanning tools, unless you protect yourself they’ll eventually find you.”

McKinnon says that SMBs remain focused on traditional IT vulnerabilities like e-mail and web viruses and tend to be more concerned about losing access to files and replacing hardware. But says the dangers also lie in security breaches. These are the costlier risk in terms of lost sales and revenue opportunities. According to the AVG SMB Market Landscape Report 2011, the average cost of a security breach is US$6,370.

“Without safeguarding against emerging trends such as information theft and social engineering, SMBs are leaving themselves wide open to the cybercriminals,” he said

AVG (AU/NZ)’s guidance is to treat Internet security the same way as corporate governance and brand protection. McKinnon says: “This is a boardroom issue, not simply a technology debate.

“No company should be operating without stringent online safety precautions in place, particularly when affordable, effective measures are readily available to them. Having full featured, automatically updated, always on anti-virus and Internet security software running across all company computers and employees’ mobile devices is a must for business continuity.”

The trend is for executives and staff to access e-mail and other proprietary data from more than one device, but if malware on a mobile device is allowed to remain undetected by users, criminals can gain access to confidential corporate data. The cost in terms of time and expense associated with cleaning these up is often substantial.

Just as business owners lock their doors to keep out burglars, the same should apply to the online world. SMBs need to:

1. Keep protection updated for all computers and mobile computing devices - including USB memory sticks, memory cards, portable hard drives, MP3 players, cameras, smartphones and tablets - that are brought in or taken home by staff, contractors, clients and visitors.

2. Ensure backups are occurring automatically and plan for reducing disaster recovery restoration times.

3. Promote strong password management, with passwords that are not easy to guess, are as long as possible, and which preferably include a combination of upper and lowercase letters, numbers and symbols.

4. As a first line of defence in social networking activity use link scanning technology, such as AVG’s LinkScanner®, embedded in its anti-virus and Internet security solutions, to ensure shared links and files are checked and safe.

5. Ensure staff always log out of every application or social networking site, and always use the highest rather than default security settings.

6. Provide staff with written security guidelines to keep them and your business network safe. Don’t assume that all staff is tech savvy. The New Zealand government provides easy to use online policy templates at www.business.govt.nz

7. Enforce this robust internal policy with regular security audits.

8. If you need to provide visitors with Internet access, invest in networking equipment that provides a DMZ “De-Militarised Zone” that will give your visitors restricted access so they can't infect your systems, install software or log into your files.

For the series of informative security tips, how-to and fact sheets see:
www.avg.com.au/resources/security-tips/. For video tips from AVG (AU/NZ), see: www.youtube.com/user/avgaunz

Keep in touch with AVG (AU/NZ)
• For breaking news, follow AVG (AU/NZ) on Twitter at twitter.com/avgaunz
• Join our Facebook community at www.facebook.com/avgaunz
• For security trends, analysis, follow the AVG (AU/NZ) blog at resources.avg.com.au

### ENDS ###

© Scoop Media