By Anne Stokes, CEO of Streamwire
Growing numbers of small and medium sized enterprises (SMEs) are adopting an agile business model, discarding hierarchical ‘top down’ infrastructures and creating flatter and more flexible structures. While promoting innovation, collaboration and an entrepreneurial work ethic, it is putting strains on IT systems designed for a different age.
Many organisations are trying to achieve agility with legacy IT that has been designed for slower and less dynamic business structures, throwing up significant security challenges over how data is used and shared. SMEs in particular are ignoring data security as they rush to adopt applications to improve work processes.
So, what are the best practices for agile businesses to keep their data secure?
Cloud-based storage platforms
Many small firms keep their files of a Network Attached Storage device (NAS). It works much like a USB drive or a local hard drive, and is stored in a separate workstation of small server. It is typically the easiest and most straightforward route for SMEs to take, but can bring with it a number of data security problems.
Aside from hardware failure concerns (resulting in a complete loss of company data), flat organisational structures can typically lead to data corruption from compromised computer systems. If all employees are accessing a NAS from multiple stations and devices, the threat of virus infection or Trojan backdoor software attack rises. Without letting themselves known, malicious software can copy, restrict access to or simply delete large amounts of your data.
Small and agile businesses would do well to examine cloud-based software systems, such as Office 365. Enabling flexibility and remote working, cloud-based storage options cannot be hijacked or infected. Being managed by a third party, your provider can enact strong security features around them, shouldering the risk of their protection and enabling your own business to focus on where it can best add value.
Ensure robust staff training
Even if you have the most secure data storage system, your data can be compromised through your employees’ actions. More specifically, a lack of cyber self-defence can seriously impact the security of your business’ information. Key to preventing this is to make sure all of your colleagues are fully trained in best online and data-management practices.
For starters, make sure that your staff are fully trained in security awareness. Employees are commonly a hacker’s first targets and points of entry, so it’s best not to overlook this. Ensure they’re trained in spotting the major warning signs of a data breach, such as “out of character” events like a 3:00AM login or a “ghost” user. Enabling staff to spot these signs means that they can perform basic actions in order to prevent possible attacks before they start.
In addition, make staff aware that it is never advisable to save files locally rather than on a secure storage platform. As with NAS systems, malicious software can easily access sensitive files stored on a local hard drive. Training staff on the dangers of such practices can ensure that your data remains secure while working without a rigorous hierarchical infrastructure.
Don’t lose track of office devices
Strong cyber-security training could easily be undermined if a business owner does not ensure that every office device is properly secured. Without endpoint protection across workstations, laptops and mobile devices, an agile business’ data security is at serious risk of attack. Thankfully, there are some simple steps that small businesses can take to prevent this issue taking hold.
For workstations and laptops make sure that every device has trusted anti-virus software installed that is regularly checked as up-to-date. This is basic, but essential – as a first point of defence anti-virus software can be invaluable at protecting against attacks.
When dealing with mobile devices, it is critical to manage how and where they can access your data. In a fast-paced, active and agile business, employees could need to work from anywhere at any time. However, it is important to ensure that the network they use to log into your storage is secure and trusted. Make it company policy to deny access from insecure cellular or Wi-Fi services. This will still enable staff to work form any location, but will further protect your data from malevolent attacks.
Remember: the SME of today is the large corporation of tomorrow. Some data attackers can attempt to gain access to your data today in order to take advantage of your information down the line. Through a secure storage platform, robust staff training and being mindful of office devices, nimble business owners can ensure their company information is safe and protected well into the future.