Does Your Small Business Need Security? - dummies

By Doug Lowe

It’s tempting to think that cybersecurity is important only to large enterprises. In a small business, everyone knows and trusts everyone else. Folks don’t lock up their desks when they take a coffee break, and although everyone knows where the petty cash box is, money never disappears.

Cybersecurity isn’t necessary in an idyllic setting like this one — or is it? You bet it is. Here’s why any network should be set up with built-in concern for security:

  • Mitts off: Even in the friendliest office environment, some information is and should be confidential. If this information is stored on the network, you want to store it in a directory that’s available only to authorized users.
  • Hmm: Not all security breaches are malicious. A network user may be routinely scanning files and come across a filename that isn’t familiar. The user may then call up the file, only to discover that it contains confidential personnel information, juicy office gossip, or your résumé. Curiosity, rather than malice, is often the source of security breaches.
  • Trust: Sure, everyone at the office is trustworthy now. However, what if someone becomes disgruntled, a screw pops loose, and he decides to trash the network files before jumping out the window? Or what if someone decides to print a few $1,000 checks before packing off to Tahiti?
  • Temptation: Sometimes the mere opportunity for fraud or theft can be too much for some people to resist. Give people free access to the payroll files, and they may decide to vote themselves a raise when no one is looking.

If you think that your network contains no data worth stealing, think again. For example, your personnel records probably contain more than enough information for an identity thief: names, addresses, phone numbers, Social Security numbers, and so on. Also, your customer files may contain your customers’ credit card numbers.

  • Malice: Hackers who break into your network may not be interested in stealing your data. Instead, they may be looking to plant a Trojan horse program on your server, which enables them to use your server for their own purposes. For example, someone may use your server to send thousands of unsolicited spam email messages. The spam won’t be traced back to the hackers; it will be traced back to you.
  • Whoops: Finally, bear in mind that not everyone on the network knows enough about how your operating system and the network work to be trusted with full access to your network’s data and systems. One careless mouse click can wipe out an entire directory of network files. One of the best reasons for activating your network’s security features is to protect the network from mistakes made by users who don’t know what they’re doing.