Top 5 Technology Mistakes SMBs Make (And How Tesno Technologies Can Help you Avoid Them)
Small and medium sized businesses (SMB) often don’t have the resources or inclination to track the latest computer news, security threats, or even common break/fix tips. And not all small business owners are adept at maintaining best technology practices.
As a result, SMBs frequently make certain technology mistakes. Here’s a look at these mistakes, along with specific steps IT consultants can take to assist SMBs in correcting these common failures.
#1: Inadequate technical support
Many organizations go without technical support, relying instead upon an employee whose love of gaming may make him or her the local office “computer guru.” Other organizations may depend upon a staffer’s friend or relative (who’s “interested in computers”) to provide technology advice or assistance when critical systems fail or slow unacceptably.
Some turn to their hardware manufacturer’s telephone support line for help, only to be disappointed when the solution to many problems proves to be performing a reinstallation (thereby resulting in the loss of all the business owner’s data). Some rely upon a big box electronic store’s service arm, never receiving the same (novice, often undereducated, and inexperienced) technician twice. And still others locate a student or individual who provides computer support “on the side.”
These support methods are not cost-efficient. Nor are they effective information technology investment, troubleshooting, or administration options.
SMBs need knowledgeable, trusted technology partners who are proficient with current technologies and willing to help learn their industry’s operations requirements. Once a qualified technology expert is familiar with a client’s needs, appropriate services and solutions can be recommended and deployed. The result is almost always more cost-effective, more efficient, more profitable operations for the client.
#2: Security failures
SMBs frequently fail to accommodate security issues. Organizations either don’t recognize the risks or don’t take them seriously.
The costs are staggering. Large U.S. organizations lose nearly 2.2% of their annual income due to security attacks, according to an Infonetics Research “Costs of Network Security Attacks” report. That’s expensive. The FBI estimates such computer crime costs U.S. industry in excess of $400 billion.
Organizations don’t need to have a high profile to become a target. Hackers have created countless automated programs that scour the Internet 24/7, seeking poorly secured systems, servers, PCs, and networks to infect and exploit.
Unfortunately, businesses everywhere are falling victim to compromised systems, robotic attacks, identity and data theft, and more. Organizations that fail to properly secure client and customer data often find themselves in the middle of security crises that result in bad press, lost sales, and forfeited customer trust.
Fortunately, completing simple steps assists SMBs in preventing security failures. Here are several best practices all organizations should adopt:
Implement and enforce strong password security policies for all PCs, servers, network equipment, and software applications.
Regularly update operating systems, network equipment firmware, and applications with the latest security patches.
Deploy business-class firewalls in all locations; connect no systems directly to the Internet.
Secure all wireless networks.
Disable guest accounts.
Implement Internet and e-mail usage policies that preclude personal use of those technologies.
Prohibit file-sharing programs.
Deploy proven antivirus, anti-spyware, and anti-rootkit applications and update them regularly.
Regularly perform security audits and correct all deficiencies.
#3: Poor backup strategies
In Spite of the plethora of options, many organizations fail to sufficiently back up data — a mistake that can be unrecoverable.
Statistics reveal there is a 50% chance an organization will cease operations immediately when critical data is lost. Worse, an organization’s odds of failure rocket to 90% within two years when critical data is lost. Data losses cost an average of 19 days’ productivity. Recovering data from damaged disks, meanwhile, is extremely expensive.
Even organizations that believe their data is properly protected may find themselves at risk. Occasionally, incorrect data (as in the wrong data) is backed up. In other cases, tape backups prove unreliable. (Gartner Group estimates only half of all tape backups restore successfully.) Fortunately, SMBs can follow simple steps to securely protect their data.
Since data backups are so critical to an organization’s livelihood, small businesses should work with proficient IT consultants or technology partners to ensure the right data is being backed up and that it’s being backed up as frequently as required. In addition, technology professionals should regularly test backup sets to confirm the data can be recovered in its entirety.
Consultants can work with SMBs to determine what data, files, and information should be backed up, how often to create the data sets, where to locate the backups, and how often to test the sets’ integrity. Consultants also prove invaluable in updating backup routines when software upgrades, migrations, and other updates change critical file locations. Further, technology professionals can ensure business data remains secure, which is a critical concern for physicians, financial institutions, and even retail outlets.
#4: Virus exposure
Viruses not only remain a major threat, but their dangers are increasing. The BBC reports that unprotected PCs become infected within eight seconds of being connected to the Internet.
Infections are proving expensive, too. In the book The Dark Side of the Internet, author Paul Bocij estimates the average virus incident costs organizations $2,500 in remediation and data recovery expenses. A report by ICSA Labs places businesses’ costs even higher (at $99,000 per incident).
And the numbers, varieties, and types of threats only increase. Malware programs are evolving at such a clip that many security software vendors have eliminated daily updates in favor of distributing patches every four hours.
Often, businesses and users simply fail to implement protection. A survey conducted by the National Cyber Security Alliance revealed that 67% of the respondents did not have up-to-date antivirus software. Worse, some 15 percent had no antivirus application installed.
#5: Spyware exposure
Before we address virus solutions, let’s visit spyware, which is an equal threat — and potentially even more daunting.
Spyware differs from viruses in its nature (spyware typically aims to track user behavior, collect user information or sensitive data, and display unwanted advertisements, whereas viruses often destroy data, corrupt systems, or enable hackers to remotely control a system). But spyware’s business impact has reached epidemic levels.
The respected trade group CompTIA estimates spyware infections require two-and-a-half days to resolve and cost small and medium-size businesses $8,000 a year, which doesn’t factor lost revenue. As evidence businesses aren’t doing enough to protect themselves from the threat, CompTIA pointed to the information its research recently uncovered. More than a quarter of business users reported their productivity suffered as the result of a recent spyware infection, and more than a third reported being infected multiple times within the last six months, with some reporting being infected as many as 10 times!
No virus or spyware strategy is foolproof, but most technology consultants recommend the following steps:
Install reputable antivirus and anti-spyware applications.
In high-risk environments, a second standalone anti-spyware application is warranted.
Regularly update antivirus and anti-spyware programs.
Do not let antivirus and anti-spyware program licenses expire.
Perform regular automated antivirus and anti-spyware scans.
Regularly review security program log files to confirm proper operation.
Further, businesses should avoid deploying “free” security products in businesses. These products are often deployed in violation of the license agreements (which require licensing the software in businesses, academic facilities, and nonprofit organizations) and don’t support frequent updates, real-time protection, or automated scans.
**Bonus #6: Unsolicited E-mail
Most every business and user is familiar with the problem of unsolicited e-mail, also known as spam. Spam messages have become a serious issue, particularly for SMBs that often misunderstand the problem and fail to take effective countermeasures.
The Radicatti Research Group estimates spam costs businesses more than $20 billion a year. Further, almost half of all e-mail is estimated to be spam.
Thus, SMBs are investing valuable time, money, and system resources processing, delivering, and even storing these unsolicited e-mail messages. In addition to lowering productivity (staff must regularly sift through hundreds or more junk mail messages, deleting the spam, in search of legitimate e-mail), spam takes a toll on an organization’s servers and workstations, which often must dedicate processor cycles, disk space, and backup media to untold gigabytes of unwanted mail.
Technology consultants use several weapons in the war on spam. In addition to network filtering software, consultants can deploy server-based spam protection. Some organizations choose to outsource e-mail processing to a vendor that can monitor e-mail streams and filter out unwanted messages.
But such filters can generate false positives. And they’re not cheap. Therefore, it’s often a good idea to begin by adopting effective methods for managing unsolicited e-mail messages. Here are several first steps all e-mail users and small business owners may take to minimize spam:
Do not publish e-mail addresses in plain text on Web sites; instead use form-based tools that prevent robotic harvesting.
Avoid forwarding chain e-mail messages.
Ignore credit repair, get-rich-quick, and other common e-mail solicitations.
Use reputable e-mail filters (such as those included in Microsoft Outlook, Google Gmail, and other programs).
Read all terms before ever submitting your e-mail address to another party.
Review privacy policies before ever providing an e-mail address.
Consider creating a free e-mail account (Yahoo, Hotmail, Gmail, etc.) for submitting to third parties.