Top 5 Business Security Secrets

It’s no secret that globally businesses are navigating through troubled times. The global economic downturn is having a catastrophic effect on businesses. When well known high street names that have been in business for up to a hundred years go bust, then businesses need to evaluate their business development strategy. One other factor which adds further misery to businesses trying to survive a recession is that crime increases exponentially. Crime against businesses is one of the first sectors to rise in a credit crunch. Large numbers of people are laid off or made redundant,they lose their income and many struggle to come to terms with the low income provided by the welfare system.

Those with criminal tendencies will turn back to committing acts of theft and fraud to raise money. Organised criminals also experience financial losses in any economic downturn and sadly businesses are usually the criminal’s first port of call. My top 5 business security secrets are designed to assist all businesses to increase their security effectiveness and minimise the security risks of theft and fraud.

Top 5 business security secrets #1- Conduct A Security Audit

Every business has security requirements, the problem is most managing directors and owners fail to realise this critical factor until it’s too late. By too late I mean it generally takes an incident of employee theft, fraud or an act of vandalism or product tampering for the MD or owner to consider implementing security counter measures.

This is a positive first step; however security is best applied as a preventative procedure, rather than post incident. If security counter measures are applied post incident then the insurance premiums will have already been increased, or flagged for increase during your next trading year. Many MD’s and business owners then take it upon themselves to conduct a security audit. This generally is pre-programmed for failure as unfortunately most MD’s and business owners don’t know what they don’t know.

By this I mean, very few are skilled security specialists. The MD or owner security audit is generally driven by price, i.e. they will usually purchase security products based on the cheapest price, whereas a security audit specialist will focus on quality security products that will stand the test of time and assist in providing business support to the company as the business grows and prospers. A security audit for an SME size business can often be conducted in one to two days.

Top 5 business security secrets #2- Form A Threat Management Unit

It is safe to say that most business applications and concepts that materialise in the USA tend to find their way across the ocean to the UK at anything between 5 to 15 years later. Threat Management Units or TMU’s as they are known in businesses, are big in the USA and it’s only a matter of time before UK businesses jump on the bandwagon. The role of a threat management unit is to analyse all perceived and actual threats to any business and then implement business continuity strategies to ensure the business doesn’t fail because of critical incidents. All business aspects are covered by the TMU including, business growth, joint venture partnerships, due diligence, directors legal responsibilities to employees, employee checks, risk assessment and risk management,crisis planning, downsizing, redundancies, and a host of others. A threat management unit generally consists of two or three company employees, usually the senior company director or partner, the head of personnel or human resources and a manager. The threat management unit is then supplemented by a security consultant or a security director. ( see top business security secrets #5 for further information on security director.) It is important to realise that a threat management unit can and should be formed by even the smallest businesses as the strategies put in place can ensure that small, medium and large businesses can survive and thrive in the event of any critical incident.

Top 5 business security secrets #3- Design And Test Your Business Continuity Plan

It’s difficult enough surviving the current economic downturn without having to face the corporate trauma of losing your business because an external critical incident had an indirect or direct impact on your business. In the aftermath of the London7/7 terrorist bombings many businesses were affected by this critical incident. Sadly a number of them although not directly affected by the bombing were forced to close down. Many of them were small and medium size businesses. Local coffee bars and retail outlets closed because the police and security services closed down the streets to pedestrians where these businesses were located. Some of the pedestrian restrictions lasted several weeks as scenes of crime officers meticulously investigated these areas. Few small or medium businesses can cope with a loss of all revenue for several weeks.

However if any of these businesses had a business continuity plan in place alternative methods would have been pre-identified to continue with income generation during the time of crisis. Business continuity plans are not restricted to acts of terrorism. They include any type of critical incident which can happen to any type of business small or large. For example; A fire or a flood

destroys your office or shop, an electrical fault blows all your computer and communications equipment. An employee steals valuable data and sells it to your competitors. A disgruntled former employee returns to your business to harm members of your work force. A business continuity plan is a fantastic investment for any business who are seeking long term sustainable business growth.

Top 5 business security secrets #4- Research Your Business Competitors

All intelligence agencies conduct ongoing research and surveillance on their competitors. The old cliché of knowledge is power that every business coach and mentor bands around is severely flawed. Knowledge is not power. Power comes from the actions you take from gaining knowledge. I’m not suggesting you hire a platoon of former KGB agents to spy on your competitors although I personally know that this service is available although generally only to larger businesses. What I do advocate is the ancient Sun Tzu Art of War principle of, ‘know your enemy-know yourself’. If this appears somewhat extreme then it’s time for a reality check, your business competitors are your business enemies and the war is driven by annual turnover and increased profits, hence the need to research your business competitors.

With such advanced research technology offered by computers and the internet researching your business competitors has never been easier. For example most online search engines now offer competitor analytics which allows you an insight into how much they are paying for online marketing campaigns and who they are targeting. Just as it is in covert intelligence operations, being one step ahead of your competitor is key to success. In business this translates to long term business growth, sustainability, increased turnover and profits.

Top 5 business security secrets #5- Hire A Security Director

This business security secret #5 should not be dismissed because you think it is too expensive or beyond your reach. A select number of security experts and consultants hire themselves out to businesses on an annual retainer basis. The benefits of this concept are many. You and your business will have the ear of a security expert on call 24/7. You will not have to pay a full time salary for this security director, nor will you have to pay PAYE, national Insurance, holiday or sick pay, nor will you have to pay executive director benefits. In fact I know of some security directors who are retained by small business consultancy agencies for small to medium size businesses for the salary equivalent of a junior administrator. The fees payable for your security director are of course tax deductible. When you factor that this security director generally has a wealth of security experience and contacts which will all assist in your business growth and expansion of your business, then it’s a very small price to pay.

A professional security director will be able to produce your security audit, and assist with your risk assessments and prepare a business continuity plan in case your business faces an unexpected crisis.

Dr. Mark D. Yates The British American Security Expert has conducted high risk sec

Posted in Uncategorized | Tagged , | Comments Off

Business Security Threats – Avoid These Common Mistakes to Protect Critical Data

It’s not a matter of if, but when. You might think that as a small business owner, your company is not a target for malicious hackers or attacks, but this couldn’t be farther from the truth. Size doesn’t matter when it comes to maintaining business continuity in light of security threats – both natural and man-made – anyone and everyone is susceptible. Think about what kind of information you could lose from various business security threats – years worth of tax records, confidential employee information including Social Security numbers, signed customer contracts and customer contact records, just to start.

When an eight person law firm in Miami was hit by Hurricane Ike in 2008, it was forced to close its doors after a decade of being in business. Everything they had was destroyed and irretrievable. Although this was a natural disaster, the business owner could have taken some relatively easy and cost effective precautions to ensure his business was safe from common small business security threats. Fortunately, for today’s small business owners, there are many software applications available that are adept at maintaining business continuity. These applications are easily accessible and simple to implement, making your business safer in case the unthinkable should occur.

The Keys to Maintaining Business Continuity

I see many small businesses make the same common mistakes when it comes to securing their data and maintaining business continuity; I’ve listed them (below) in an effort to help companies protect themselves from business security threats. Most companies I talk to believe they are secure, when in fact, they are unmistakably vulnerable.

Mistake #1: “My data is secure; I’ve got it backed up on-premise.”

Let’s say you are fortunate enough to have a security system, a fire detection system and are part of a secured office park with security personnel roaming the grounds 24/7. Just because your premises are secured doesn’t mean your records are safe from business security threats. In fact, it’s the opposite. Many businesses commonly make the mistake of backing up files only on-premise or back-up on premise and remove discs or tapes manually on a regularly scheduled interval (ex. once per month). The smartest solution to combating business security threats is to have all your data saved and stored in an off-premise data center. By having your data backed up off-site, you ensure the safety of all your important files and you get the added benefit of being able to access important files from any Internet connected computer (with the right security authentication of course!)

Like in the earlier example of the law firm affected by Hurricane Ike, if it had stored all of its files off-premise in a hosted data center, the employees would have been able to save all of the files, retrieve and reinstate them and gotten the business back up with minimal interruption. Backing up to an external hard drive or NAS (Network Attached Storage) device is critical to maintaining business continuity and preventing data loss due to hardware failures. However, small businesses commonly face fires, floods, thefts, and other business security threats that require backups to be off site. Make sure your business has a secure backup solution in place to allow data to be stored off-site. These solutions are relatively inexpensive in terms of maintaining business continuity, especially considering the alternative.

Mistake #2:”I just bought a new PC, so I’ve already got the latest and greatest security software loaded.”

You may be thinking to yourself “I already have all the security I need.” Yes, Microsoft Windows does have a firewall feature guarding against common business security threats, but these off-the-shelf components aren’t nearly enough to support the needs of a company. Ideally, small businesses should employ the same “defense in depth” strategy large enterprises use to secure their internal networks. PCs should have their software firewalls enabled and properly configured, and have a firewall router on the network’s edge to provide a second layer of defense against business security threats. This way, if a PC’s firewall is not configured properly, there is still a layer of protection between the computer and Internet threats. By selecting a managed firewall application, small businesses will shield themselves from critical network threats, block unnecessary Internet traffic, and restrict applications used on your network. This type of security product is a necessity for protecting small business networks from malicious Internet threats and maintaining business continuity.

Mistake #3:”I installed new security protection software in the past couple years or so.”

As you may know, many laptops and desktops come with pre-installed free trials of a brand name security offering, although this will keep your desktop secure for a brief time, many small businesses commonly make the mistake of letting this software expire and forgetting to update it. In order to protect your desktops and laptops from online business security threats, you must install a secure desktop solution to protect PCs from viruses, spyware, and other Internet-borne attacks. Sold as a bundle as part of many communications and IT services, secure desktop applications have no expiration dates to keep track of. The best part of this software application is that updates are automatic, which means there are no more software upgrades to install–reducing the cost of IT management. Maintaining business continuity is easy–just secure your desktop as soon as you can!

Mistake #4: “I have to update my browser and operating system (OS) security patches myself, and I just don’t have the time.”

Small businesses can easily be taken advantage of due to low security on their browsers and operating systems, but these types of business security threats can be easily avoided with automatic security patch updates. Many small businesses take the burden of updating their PCs with the latest software versions on themselves, but OS security can be easily automated, which makes maintaining business continuity a breeze. Yes, small businesses should ensure the updates take place and check in on them regularly, but today’s technology helps alleviate some of the time it takes to manage the situation.

By avoiding these common culprits of business security threats, companies can protect one of their most precious assets – data and files. Most businesses will face many threats in their lifecycle. Learn from the mistakes others have made and take these steps towards maintaining your business continuity.

Tom Collins is the Product Manager for Security and IT Services at Cbey

Posted in Uncategorized | Tagged , | Comments Off