Small businesses are the glue that keeps the economic machine moving around the world. Billions of us daily, from coffee to teeth cleaning. Although statistics vary the US small business is estimated to employ between 43%-51% of the workforce. That’s a big number.
In a Ponemon small business study dated early 2013 stated:
- 55 percent of those responding have had a data breach
- 53 percent had multiple breaches
- 33 percent notified the people affected
- 85 percent share customer and employee records with third parties such as those providing billing, payroll, employee benefits, web hosting and information technology services
Small business has just as valuable data as the large organization, in smaller amounts, but just as important and yet their security systems and practices are weaker. So it makes them an obvious target to siphon data from.
It’s a two-front problem. Smaller businesses contain valuable customer information the attackers salivate over, and should these less secure businesses have secure connections, username, and password to larger organizations, then it’s a twofer for the attacker. More disturbing is these side doors may not be discovered for 3-6, months, an estimate many security firms are showing, so its a pretty serious problem.
It’s not their fault though. The cost for security can be very expensive, which moves them to a low end out of the box solutions, which gives them a false sense of security or “set it and forget mentality”, not to mention lack of security talent.
We are only as strong as our weakest link and need to reevaluate this top-down approach in security. Small business needs our help, training, and attention.
They are vital to everything.