SMB tips for cost-effective security strategy

Smaller businesses can protect themselves within their means against key security concerns such as BYOD, lack of employee awareness, and business availability.
Written by Ryan Huang, Contributor

Small and midsize businesses (SMBs) often are challenged with having limited resources to manage IT security, while faced with a potentially costly result of a security breach.

According to Vincent Tay, executive director at Singapore-based IT company Balanced Consultancy, there are some cost-effective strategies SMBs can adopt.

He explained that the top three security concerns SMBs typically face are brought about by the bring-your-own-device (BYOD) trend, lack of employee awareness, as well as the need for business continuity.

"The use of smartphone and tablet has increased exponentially, and the most common usage is to connect to company e-mail, which contains confidential data," Tay noted.

To handle the potential risks, he advised SMBs to implement the minimum passcode protection for mobile devices, and use Secure Sockets Layer (SSL) for e-mail.

The executive director also pointed to simple ways to raise security awareness among employees, such as posters and a Facebook group or blog for staff to discuss important issues.

"This is a much more effective way to disseminate information compared to a one-time IT security training," he said.

Tay noted while business availability was crucial for SMBs, many shunned implementing a business continuity plan (BCP) due to high costs.

He said BCPs, though, could be as simple as subscribing to two hosting plans for the company's Web sites, where one would be a "warm backup server" ready to kick in at anytime. This option could be as affordable as S$25 (US$20.50) per month.

Editorial standards