Business Gets Riskier for SMEs
As small and midsize enterprises (SMEs) extend the reach of information technology throughout their operations, they are encountering the same threats that have long plagued larger organizations, but often find themselves without the necessary resources to protect critical infrastructure. "As soon as SMEs use email, connect mobile employees or remote offices to their central network, maintain a Web presence, or provide greater access to third parties, they open their business to risk," warns one security analyst. The increased vulnerability of SMEs comes as the prototype of the hacker is shifting from the mischievous student out to make a name for himself by defacing a random Web site to the financially motivated criminal seeking to extort money from a carefully selected target. The most vulnerable businesses often only have around 10 employees; they are large enough to run on a network, but too small to have a designated IT department. As a result, security in SMEs is too often addressed reactively or in an ad hoc manner. At a bare minimum, SMEs should have in place a firewall, anti-virus solutions for both servers and desktops, anti-spam and email filtering applications, and a virtual private network (VPN) for remote workers. Unified threat management (UTM) systems that combine several key security applications into a single package are often appealing solutions for SMEs working on a tight budget. SMEs should also consider Wi-Fi security, email encryption, anti-spyware, intrusion protection, and mobile security. With fewer IT specialists on staff, many SMEs opt for out-of-the-box security solutions that require little maintenance, and often prefer to deal with a single vendor or reseller with whom they are already familiar. McAfee's Sal Viveros also notes that many SMEs enlist an external consultant to help them make purchasing decisions.
© Copyright 2006 INFORMATION, INC.
Print This Article
E-mail This Article
