Information Security
 


How secure is your businss information?

 

  • Do you have a Written Information Management Policy?

  • Do you train your employees on fraud awareness and information security?

 

SMBs are favorite targets of cyber criminals because their information systems often lack sufficient safeguards or were non-exisent

Business information is highly portable.  It only takes one lost USB drive to lose the confidence of a customer.

See how we can help your business

 

 

 

 

 

 

 

 

 

Small and medium sized businesses (SMBs) are more at risk and often suffer larger losses and experience unrecoverable and irreparable harm to their brands. There are several reasons for this:

 

  • Often in SMBs there aren't clear divisions between business functions and more often than not one person will perform several duties within the organization;

  

  • Information security and the overall responsibility for information management within the organization is given to one or two individuals and is performed on a part time or on an ad hoc basis;

 

  • SMBs often delay upgrading its information management system to meet new information security threats because of cost concerns. This often leaves the organization vulnerable both from internal and external threats.

 

In a recent study* 77% of SMBs indicated that a strong information security policy is good for business and it’s brand. However, 87% of the firms responding did not have a written information security policy. Furthermore the firms indicated that they did not have a person within the organization that was dedicated to be in charge of information security. These two items alone, leave a firm vulnerable to information security breaches and in turn exposes the firm’s customers to the same threats of loss to their information entrusted to the firm.


Clearly it is important for any organization of any size to conduct a business risk assessment to identify information security threats and outline who in the organization will be responsible for monitoring and mitigating threats. Out of the risk assessment a formal information management policy is created which will spell out how information assets are to be secured and managed and act as a resource for all employees and management to become engaged as active participants in the firm’s overall information security program. 

   

*2012 National Cyber Security Alliance/Symantec Small Business Study