The Online Business Center

Small Business Data; Tips On How To Back It Up

Small business data is sensitive and private and should be treated as such. It is essential to keep your business information away from prying eyes. Every business collects data all the time. This data is normally stored in a database. This is usually the center of the entire business. That is why it is essential to get a simple and easily accessible database. You can always put a password so that only you will be able to access it when the need arises.

The other important fact about your business data is that you always have to have a back up for it. This way if it was to get lost or destroyed you always have a safe and reliable place that can store it. Many people in business do not give much importance to backing their data up. When you decide that you need data back up, it is necessary that you are using the right back up system. This is because you may think that you are using a good system but in actual sense you could lose everything you have backed up because of a small mistake.

What many business owners are not aware of is that if you are using Microsoft excel as a database then you are mistaken. Excel is only used to crunch numbers but is not any kind of reliable database. There are a number of good and reliable back up systems available for the small business own.

One of them is the tape drive process that uses a server that integrates the use of a tape drive. The tape is then exchanged periodically depending on the business needs. It is important that once you have ensured that your data is backed up you evaluate the information. This goes a long way in identifying an efficient strategy to recover data for the small business.

A Small Business Network Security Survey

Many of today’s small businesses use PCs and a server network to facilitate their operations. Important company information is stored in electronic format on these networks, and daily operations are dependent on the network being both available and secure. In many cases, these small businesses ignore or are unaware of the risks that could compromise the safety of the data. To better understand these issues, two hundred of these small businesses were interviewed about their network security. Companies ranged from those with ten employees or less, to those with over a hundred staff members.

Over half of the survey respondents believed that their network was adequately safe or very secure. A large number of respondents did admit that they doubted their defenses against an attack. This isn’t too surprising, as nearly all businesses have experienced some type of security threat in the last year, from lost computers or back-up takes, hacker attacks, viruses, or theft by employees.

The top three threats reported were:

1) Trojan horse or virus attacks
2) Stolen or lost computers, including data storage devices
3) Employee theft or hacker attack

Company defenses reported include:

1) Virus Protection
2) Firewall
3) Spyware Protection
4) Spam Filters

Recommendations:

Most companies reported that they lacked a smart password policy, automated patch management, and employee network use policies. Generally, many of these businesses don’t have full protection against an attack, and have not yet had to put their defenses to the test.

There isn’t one single fix to ensure secure continuity of operations on a network. However, we recommend a layered approach in managing these pressing security threats. This layered approach examines vulnerability in different areas including hardware, software, processes, and training. Every layer added another level of protection to the information environment.

1) Blocking network-based attacks
2) Blocking host-based attacks
3) Eliminating vulnerability
4) Supporting authorized users safely
5) Tools for maximizing effectiveness and minimizing losses

To assure the continuity of your business operations, regular testing of these security measures is required.

Level of Overall Security:

Over half the respondents stated that they thought their network was secure enough or better. 30% of the remainder thought their network was only somewhat secure, and over 10% confided that their network was not as secure as it should be.

These small businesses tend to believe that their network is relatively secure: 63% of businesses with less than ten employees and almost 75% of those with between eleven and twenty-five staff members. The larger companies were not as sure of their defenses, with over half of those with fifty to one hundred and 44% of those with over a hundred employees felt secure or secure enough. In the fifty-one to one hundred staff category, over 20% reported that the network was not as secure as should be. In general, the bigger the company, the larger the network – and the greater the number of security risks it must defend against.

Experienced Threats:

The respondents reported on security lapses or attacks that they’d experienced over the last year. The survey showed that Trojan horses or virus attacks are the most common threat to the network, with about half reporting experiences with these issues in that time. The larger companies reported at 40%, the lowest rate, which is indicative of better defenses. Over 60% of the smallest companies reported virus-based attacks.

Loss of company information from theft or loss of storage devices appeared to be a minor threat for smaller companies, but this risk increases with company size. Over 33% of the larger firms reported this sort of experience. Hacker attacks were most often experienced by firms with less than ten employees and those with over a hundred. It seems the smaller networks are more vulnerable, and the largest ones are high-profile, with a greater chance of becoming a target. Unfortunately, staff members can create a security risk themselves; about 10% of businesses reported that they had experienced unauthorized access or theft in the allotted time frame.

Devices and Procedures:

Good procedures, processes and systems can help defend against security threats. In the survey, respondents were asked which security methods were in use. Most reported that they had virus protection and firewalls. Around 25% lacked spam filters and spyware removal, leaving networks open to malware which ranges from dangerous to annoying. Under 50% have patch management or a smart password policy in place. This smart password system uses passwords with a mixture of normal and special characters which are frequently changed.

As compared to the largest companies surveyed, smaller businesses are less-often implementing network use policies for employees. Over 80% of the larger companies have defined guidelines for proper and improper network use. These guidelines attempt to lower the amount of network activity unrelated to the business, which result in increased security risk. Many of the respondents use wireless networks. Wireless networks are some of the most vulnerable access points if not well-secured. Only a few companies reported that they use all the top-priority security measures listed in the survey.

Testing:

No security device or feature can be known to provide real defense until it’s been tested. Anti-virus specifications could be out of date, a hole could exist within a firewall, or staff members could not be using the correct practices for a safe and secure network. About 25% of respondents indicated that either they couldn’t remember the last time they tested their security, or didn’t know that they ever had. This seems to indicate that while many have implemented security defenses, they can’t be assured that the expected protection is actually provided.

The very smallest companies least-often tested their security measures. About 10% of businesses had tested security, but not for over a year. As the threats change over time, dangerous lapses can occur without periodic testing. Around 33% of respondents reported that they’d tested their security measures within the last month. Validation of network security elements on a regular basis is important to system integrity in an overall continuity plan. It is unfortunate that usually a company only examines its level of exposure after a damaging event which negatively affects the business.