Guide Antivirus. You wouldn t leave the door to your premises open at night. So why risk doing the same with your network?

Transcription

1 You wouldn t leave the door to your premises open at night. So why risk doing the same with your network? Most businesses know the importance of installing antivirus products on their PCs to securely protect them from attack. But adopting a DIY approach isn t without risks. Having installed an antivirus product on your business network, do you know how often it is updated? Are you confident that the preferences and settings you installed haven t been changed by individual users? Does it protect all your business tools laptops, tablets and smartphones? And, if you save business costs by installing a free version, you ll then have to manually install this across all your devices and monitor it regularly on a device-by-device basis which costs time and resource. Guide Antivirus

2 When we can see a threat, we find it easier to protect ourselves from it. As a result, we readily buy in to the need to physically secure our business premises with controlled entry access, window locks/bars, CCTV and alarm systems. But when that threat is invisible, such as a malware attack on an individual computer or business network, there is a danger we become a bit more blasé about the need for equivalent security procedures. Ironically, however, in this day and age when virtually every small business is heavily reliant on technology, it is just these types of invisible security risks we need to be focusing more on, not less. Over 35 percent more UK companies were hit by Distributed Denial of Service (DDoS) attacks in 2013 than There was a 91% increase in targeted attacks in 2013 and a 62% increase in the number of breaches 2 1 in 8 legitimate websites have a critical vulnerability 3 Mobile banking Trojans are now so sophisticated that some can check your bank balance via your smartphone banking app to ensure maximum profit for the criminals. One antivirus software provider alone neutralised over 5 billion cyber attacks on user computers and mobile devices in Guide Antivirus 2

3 It s not just big companies that are targeted. In November last year, the UK National Crime Agency s National Cyber Crime Unit (NCCU) warned of a mass -borne malware campaign aimed at SMEs that infected over 12,000 computers in the US in less than a week. 63% of small businesses were attacked by an unauthorised outsider in 2013 (up from 41% in 2012) 5 15% of small businesses detected outsiders had successfully penetrated their network in 2013 (up from 7% a year ago) 6 The average cost to a small business of its worst security breach of the year was between 35k- 65k in Guide Antivirus 3

4 You can t prevent what you don t monitor More worryingly, perhaps, is a recent report by market research firm Vanson Bourne, which found that over half of UK businesses create IT security blind spots in their organisations because they are not monitoring the correct metrics. Whilst 57% of companies surveyed were tracking the quantity of security breaches detected, relying on this Key Performance Indicator (KPI) does not necessarily enable those businesses to take proactive prevention against further incidents. Monitoring such KPIs that do allow proactive measures, such as checking systems to see if they have the latest versions of patches or antivirus patterns or monitoring if they have the latest software versions installed, is only carried out by 41 percent and 30 percent of UK companies respectively 8. Many SMEs, often without the benefits of the dedicated IT departments of a large company, rely on a single member of staff who knows his/her way around a computer to ensure that all adequate network security measures are in place. And they have to fit this in around their day job, with all its demands on their time and effort. It s the equivalent of leaving your premises open and unlocked and asking someone to drive round every now and then to make sure no one is coming into the building and making off with your equipment. Guide Antivirus 4

5 In both cases, the chances of preventing a security breach are minimal, it only comes to light after the event and the cost of recovering the loss far outweighs what the cost would have been of preventing it in the first place, including: Financial losses from theft of information, bank details or money from accounts Financial losses from disruption to trading and doing business Costs of cleaning up systems and getting them up and running again Costs of fines if personal data is lost or compromised Costs of losing business through damage to your reputation Guide Antivirus 5

6 Security starts, not ends, with free antivirus If you re reading this thinking, well, none of that should happen to us as we already have installed a free antivirus product on our machines that is, undoubtedly, better than doing nothing. But it should be considered as the start, not the end; a first step towards security not a perception that security has been achieved. Moving to a managed antivirus would be a logical, and effective, next step for any small business, especially one that is growing and adding personnel and IT equipment. Paid for by either monthly subscription or an annual fee, a managed antivirus service is delivered by an external IT partner who will install the client s chosen antivirus software on all computers and devices (and crucially remove any redundant antivirus software). The IT provider then monitors the network, updates the antivirus software and carries out scans at convenient times, provides reports on security threats and alerts generally ensures your network and computers are as effectively protected from malware and virus attacks as much as possible. Guide Antivirus 6

7 There are five key benefits in outsourcing to a managed antivirus service: 1. All devices used in the organisation have the same level of security protection there are no longer any weak links. 2. Installation, monitoring, management and updating of the security software is all done for you leaving your staff to focus on their day jobs. 3. You only pay for what you need as most managed service packages are costed at a fixed rate per user, per month so you can budget for the small investment. 4. The managed service can never be turned off, bypassed or uninstalled by individual users giving you additional reassurance. 5. A higher level of protection no system is ever 100% fool proof but should a virus or malware get through, or your network be the subjected of a spam or DDoS attack, the IT provider will be alerted immediately and have the skills and expertise to limit its damage to your network and remove it once identified. Effective, affordable and easy to implement, when a managed antivirus solution offers all these benefits, it still surprises us when we discover SMEs who have yet to implement one. These must be the businesses with 35k- 65k easily to spare. Guide Antivirus 7

8 t: e: 1 United Kingdom DDoS Attacks & Impact Report. 2014: The Danger Deepens. Neustar 2, Internet Security Threat Report, Volume 19. Symantec 4 Kaspersky Security Bulletin 2013, Overall Statistics for ,6, Information Security Breaches Survey, Department for Business Innovation & Skills 8 The survey was conducted by Vanson Bourne on behalf of Tenable and interviewed 200 IT decision makers in the UK working in companies with more than 500 employees across March Guide Antivirus 8