Finance security matters. All sizes of businesses are targets for hackers, and many SMEs in particular are at risk of financial data breaches
Businesses are under cyber attack today, and though many think they are too small to bother with, SMEs are more vulnerable than they may think. Whether it’s an attempt to get to their larger enterprise customers or partners, direct assaults on financial data are increasingly a very real threat. SME finance can be a big target for hackers.
Medium-sized businesses rank security as their second most pressing technology challenge, According to the SMB Group’s 2015 report, Small and Medium Business Routes to Market Study.
This finding is less surprising than it may seem. After all, the larger a business the more they are likely to be able to devote resources to all areas of strategic planning, including the vexed area of IT security, in particular finance security.
New threats to SME finance security
Despite this, and as result of growing awareness of the threat, there has been a marked increase in spending on information security in SMEs. A survey by accounting firm EisnerAmper showed 62% of company directors cited cybersecurity and IT risks as an important concern, up from 53%.
Increased mobility – both by customers and staff – in the form of the use of smartphones, laptops and tablets opens businesses up to new threats, whether that is insecure public wifi connections or simply lost or stolen data.
Any small business that engages with online transactions, SME finance in general or holds customer data must, at the very least, get to grips with encryption.
Some simple steps can also be taken, such as isolating machines used for processing or storing financial data from the rest of the network, at least as much as is possible. Certainly, they should not be used for social media or leisure purposes.
Building finance security into your SME
More critically, though, some thought will have to go into how security is provided. There is a legal obligation to secure some kinds of data, including customer records and financial data. In these cases, expert help should be sought – and it is now available in the form of security providers who offer end-to-end IT security as a service.
Failure to invest in IT security, including in keeping it up to date, could put your business at risk, leaving it open to fines under data protection law, litigation or even simple reputation damage.
‘Born in the cloud’ businesses that have been founded in recent years are already exploiting cloud services for the provision of many IT services, not least security, but even businesses that have been around for decades can move their IT to the cloud.
A study performed by Intuit and Emergent Research found that 37% of SMBs in the US already use the cloud in their operations, a number that is expected to rise to 78% in the coming years.
The reason is simple enough: even large businesses struggle to attract qualified and experienced IT security specialists; small businesses find it impossible. Besides, what small business can afford to hire dedicated and full-time IT security staff anyway? The better option is to put your security in the hands of experts and ensure that your financial data is secured as much as possible.
- Small businesses are targets for hackers no less than larger enterprises, but are often less prepared for the threat.
- Failure to protect finance data or customer data can result in fines, litigation and reputational damage.
- The investment in securing financial data doesn't need to be in the form of full-time staff.
Get more tips on how to put best practice SME finance and IT systems in place. Download: Get 70% More Value from Your Finance Systems: The Business Leader’s Guide to IT Strategy