Cloud & Big Data Security

Cyber security is top priority for SMEs

IMG_5379A password isn’t enough to prevent cyber-attacks. network security solutions are a worthwhile investment to prevent platform and software vulnerabilities.

Did you know that every single day over 1 Exabyte (1,000,000,000,000,000,000 bytes) of data travels over the Internet, which is sufficient to fill approximately 300,000 of the biggest hard disks in the world? If you recall, 2014 was the year of data breaches. Now, that it reflects in the rear-view mirror, these episodes cite that there can never be too many security measures. With all certainty, security measures are implemented to scale down the risk to an adequate level, but never to zero. Raw security episodes will rise because there is always scope for negligence to come into play. Such cybersecurity episodes brought Sony, Target and Apple to its knees and are perfect examples of why data and network security shouldn’t be underplayed. According to Trustwave Global Security Report, 71% of security breaches have targeted SMEs. Thanks to the growing proliferation of ecommerce and cloud technology, that includes web, cloud hosting, recruiting full and part time employees and allowing access to the company’s business network. Each occasion offers a probable gateway to cyber saboteurs and troublemakers. Moreover:

  • Often, there is no dedicated IT department in an SME enterprise
  • SMEs refrain from investing in security programs for their systems
  • Hackers often target vulnerabilities, not specifically companies or individuals.

Therefore, to eliminate the inherent security weakness of the SMEs, it is imperative to employ network security programs. But, what are the biggest risks to network security?

Crime in the Cloud:
Cyber-attacks on cloud environments have become a commonplace, making everybody wonder which phenomenon is accelerating at a rapid pace: cyberattacks or adoption of the cloud. Like a dog with a bone, cybercriminals have followed the data trail to the cloud. Although IT departments are cautious when moving critical applications to the cloud, there are other departments who may be signing up for cloud services, keeping the IT department in the dark. Public cloud providers provide the same infrastructure to numerous clients. When the datacentre resources are shared with several users, there is always a risk of the business network being exposed and exploited. A single flaw in the cloud network grants others easy access to the data and network information. By the time you realize, criminals have hacked your business network. In addition, the most common assumption companies’ have is that servers are static. Well, things move at a great speed. With applications popping in and out regularly, it’s difficult to retain an application on a single machine. Hence, failing the machine or location centric security solutions terribly. So forget your gut feeling and take the plunge to employ mobile network security measures that can offer coverage to the company devices, irrespective of its location.

Bring your own device:
BYOD, as it is popularly called is another trend that has become widespread. Employees choose to use their own devices over company devices. This is because company devices often have restrictions over usage of certain application, whilst personal devices are free from such regulations. Companies embrace the BYOD culture as it saves overhead costs and fail to look at the big picture. Employees who are always on the road for work use the cloud to accomplish office tasks. Oftentimes, when employees misplace or lose their personal devices, unauthorized people can gain access to the cloud services and misuse the data. 44% of IT professionals’ state that BYOD is the biggest security concern as compared to others, as lack of security programs on a personal device make diagnosing a breach challenging.

Sending data over the Internet:
The risk is comparatively high when data is sent over a public Internet connection. Cybercriminals can always commit data theft by intruding your network through the Internet. The only way to minimize this risk is using Virtual Private Network (VPN) that secures endto-end communication over the Internet.

So, who’s responsible for enterprise security?
Network security of a company is a task better managed by IT professionals. However, every employee is accountable too, as he is a part of the company. The biggest challenge is to understand the risk rather than neutralize it. First and foremost, the company needs to implement adequate security solutions and policies as preventive measures. SMEs view security as a non-essential cost incurred and choose to put it on the back burner. With SMEs, now seeking to enable ecommerce via the Internet, security seems to have become a dangerous obstacle. Why do you ask? Well, earlier, cybercriminals had an appetite to attack large established brands that retained fat purses. Smaller enterprises flew under the radar as their transactions over the Internet were not considered high in volume. However, this situation has taken a turn for the worse as cybercriminals now resort to a volume based model, giving them a free-hand to attack any company, regardless of size. So, instead of hunting for lions, they have started setting up traps for deer. They have started breaching small enterprises instead of large corporations to satisfy their appetite.

Last word:
The present security scene fosters convoluted levels of sophistication. This masks cybercriminals, who lay dormant for weeks or months and slowly breach and round up the data at levels that go undetected. This is financially harmful for companies, especially SMEs. There are services and solutions that are capable of helping SMEs monitor and prevent cyberattacks. Implement these security measures and
take control of your business. Nothing outweighs protection of your data and assets.

Case in study:
Researchers announced a new network vulnerability named FREAK attack. There was a scan performed on each device over the Internet, before the researchers could even diagnose the magnitude of the problem. The scan stated that more than 5 million websites were already affected, including some managed by Google, FBI and Apple. In fact, Facebook’s fixture button was also declared a vulnerability. The key stakeholders were promptly notified. The FREAK accesses a secure connection between a web browser and a vulnerable website, extracting all the encrypted data shared between the two. Even today, 1% of the top ranking 1 million websites are vulnerable to Heartbleed. Experts say that such bugs linger over the Internet because companies fail to realize the depth of the problem. Most companies are unaware about 10% of their assets disclosed on the Internet.

About the author

SPI Group

An integrated platform created to serve entrepreneurs and service providers. SPI engages with over 100,000 Entrepreneurs & Senior decision makers through a unique combination of cutting edge business magazines, high profile B2B summits and conferences, strategic alliances with Govt, business associations and government bodies. SPI also leverages the power of digital marketing and social media.

Leave a Comment