24 Sep The importance of cybersecurity in small and medium enterprises

Posted at 18:54h in Business, Managment, SMEs by
0 Likes

Faced with the 125% global increase in cyber-attacks in 2020, many companies have placed their investment in cybersecurity as one of their priorities in 2021. The most recurrent attacks are spoofing, malicious insider threats, ransomware, and DDoS attacks, among other incidents related to cybersecurity. The repercussions of a cyber-attack can be devastating, for example, the reputation of companies, trust, civil liability, among others. Here are some recommendations for SMEs.

 1. App inventory

It is essential to carry out an inventory of all the resources and applications used in each of the devices. In this way, you will be aware of what you have.

 2. Risk management policy

It will be necessary to decide who or who will be in charge of managing the risks in the IT security of the company. In addition, you must assess the level of risk that you are willing to accept. And based on this, develop a policy that explains the actions that you and your team are willing to take to manage these security threats.

 3. Update the software

If you have old software, it would be better to change it, since they are vulnerable to any type of malware. Therefore, periodic software and firewall updates and patches must be carried out on devices and networks.

 4. Establish accessibility to data, vital in cybersecurity for SMEs

You must classify the data of the company and determine who will have access to each category. This is according to the positions they occupy or the departments in which your collaborators work.

 5. Make backup copies

Backups should be part of the day-to-day business. Also, do a periodic check-up review. Maintain constant monitoring and complete analysis of devices and systems.

 6. Protect your Network

Check if the router that is connected to the company and provided by your internet provider includes the firewall, to control network connections and access the web, if not, proceed to keep it well configured and updated with the indications provided by the manufacturer. For the use of private or corporate mobile devices, and approval of the security manager is necessary, making sure that these computers have at least:

  • An antimalware installed and updated with the latest version.
  • The use of a PIN, password, or some other authentication method and that they are encrypted.
  • That can be traced or deleted remotely in case of loss or theft. If this event occurs, employees must inform the security officer so that the data on that device is deleted as soon as possible.

References

La importancia de la ciberseguridad para PYMEs. (2021, Junio 07). Rednew. https://rednew.es/ciberseguridad-pymes/

Consejos de Ciberseguridad para Pymes. (n.d.). PIMEC, 4. https://www.pimec.org/sites/default/files/documents_pagines/consejos_ciberseguridad_0.pdf