Operating under the perception that larger companies are the primary prey, small- to medium-sized businesses (SMBs) have developed a false sense of comfort. But for data-hungry attackers, SMBs can be treasure troves of credit card data, social security numbers, names, and birth dates. Storing data or sending it across a network without the right security in place exposes it to the eyes and clutches of an attacker.

Hackers often use this data as a stepping stone into attacks, such as phishing emails that contain personal information to entice users to click on links that download malware or spyware onto devices.

Less resources, more entry ways

Despite a growing concern over cyber attacks, some small businesses have insufficient threat protection in place. With limited funds to invest in in-house security experts and solutions, the same guy who’s tossing your pizza in the air may also be in charge of data protection. In a mid-sized business, you might find a staff of IT generalists, but not security specialists.

team members at start up

SMBs have also been hit harder by the security risks of the bring-your-own-device-to-work trend. Since the mix of business and personal data on a device is greater with SMBs, there is a greater potential for employees to inadvertently create entry ways for hackers. The customer data theft that results can have a dire impact on a company’s business and reputation, along with fines for lack of compliance with payment card industry (PCI) security requirements.

Think beyond device protection to network protection

While SMBs are increasing endpoint security for PCs and mobile devices, many are still leaving the networks that transport private data exposed. So, beyond device-level anti-virus software and anti-malware firewalls, SMBs need:

  • A secure network connection, such as a virtual private network, rather than open SSL or the internet
  • A network-based firewall to avoid having to manage the firewall themselves
  • Web filtering to set policies and monitor incoming and outgoing traffic
  • Email filtering for protection against spam attacks and phishing attempts

The good news for SMBs is that cloud-based services are available to simplify security and free their resources for other priorities. Working with AT&T simplifies that even further, because these security services are embedded into the network.

Does your business need to take a closer look at network protection?  A vulnerability assessment can be a good place to start. By helping to identify and evaluate threats, it can help SMBs develop a holistic remediation strategy for protecting private data.