Chapter15.Security for Small Businesses

Chapter 15. Security for Small Businesses

Most small businesses are not targets for direct attacks. Instead, they end up as collateral damage in larger attacks, such as mass worm outbreaks or efforts to harvest credit card numbers no matter where they come from. Nevertheless, a very significant cost is associated with this. Imagine if you couldn't use your computer systems for a week. Or if you lost all the data stored on all the computers in your company. Or that your worst competitor could obtain a list of all your customers, along with sales figures and sales notes for each customer. Or that someone added himself or herself to your payroll database and set up direct deposit to a bank account in the Bahamas. How long would it be before you noticed any of these? ^[1] What would these breaches cost your company? Can you afford these losses?

^[1] As an experiment, announce that next month you will do manual payroll. Print all checks, but don't distribute themand don't do any direct deposits. Have employees appear in personwith company identificationto pick up their paychecks . Ideally, you should have none left over. If you do, it's time to consider improving the security of your payroll system.

We understand that your business is your business not the daily machinations of keeping computers and information secure. So, in this chapter, we describe a few critical steps that are important for any small business to understand. Follow these steps, and although we certainly can't guarantee that you'll never be attacked , we're pretty confident that the pointers here will help protect you from many attacks and even make you less interesting to someone looking to cause harm.