Just because you’re a small business without a multimillion-dollar turnover, it doesn’t mean you’re immune from cyber crime. In fact smaller businesses can be deliberate targets. Hackers assume you’ll have a limited security budget and weaker defences compared to major corporations, and they’re often right.
Here are some stats you may find shocking: small to medium businesses accounted for 61 per cent of all targeted attacks according to Symantec’s 2014 Internet Security Threat report. Seventy per cent of Australian and New Zealand SMBs are the victim of hacking each year. The average cost of cyber crime in Australia in 2014 was over $4 million per company attack, with SMBs losing a total $1.7 billion.
These are some pretty scary stats. Does it make you think you should be taking security more seriously? If you’re wondering what your options are, let’s take a look:
1. A ledger and abacus
You could un-digitise all your accounting and go back to paper. Your accountant will probably weep, but it’s a free world. Not a very efficient one, though.
2. Upgrade your security
Make sure you’ve got the latest, fully updated security software: from anti-virus and malware to firewall and network security. You can also upgrade your equipment, perhaps opting for hardware-based full disk encryption. Excel spreadsheets can be encrypted with a password: make sure you don’t lose it though. You can encrypt entire folders, subfolder and files. Plus you could have a security and compliance audit done: if you’re holding sensitive customer data, certain privacy and data protection laws apply.
3. Get cloud-based accounting software
If you’re putting your data into the cloud with a reputable provider, you’re getting industrial-grade security almost as a free bonus. Providers employ professional grade security technology so your data is safer with them than on your own hardware. They have security experts on hand, and are able to invest more in the very latest security.
Accounting software will also protect you against internal fraud. With customisable user roles and built-in audit trails, software helps minimise, detect and track fraud activity before it actually damages a business.
There are three areas of security you need to consider with cloud-based accounting software:
The security of your supplier: Are they a reputable and reliable company, and not a financially shaky, fly-by-night operation that’s understaffed and may suddenly vanish one day?
Or are they well known and perhaps a listed (public) company, with the extra levels of legal and financial scrutiny that brings?
Physical security and infrastructure: What kind of data centre is the provider using? How advanced and robust is it? Data is not only compromised though cybercrime, it can also be lost through disasters. In the event of fire or flood if you haven’t backed up your data, you’re screwed. But data centres are built to be fortresses with reliable contingency plans, with the best providers guaranteeing over 99.99 per cent uptime.
What kind of disaster recovery plan does the data centre have? Where is it physically located? Is there a back up centre, and is it in a different location? There’s no point having your back up centre next door. How stringent are security procedures for access, a nod and a wave or proper biometric checks? Remember you can always visit to see for yourself.
Data security: It’s important to find out whether your data will be stored in Australia or not. If it is hosted in the US, it’s subject to the US Patriot Act. This means the US government can easily access it, which conflicts with Australian laws.
Find out how many people are able to access your data. Can they decrypt your passwords? What security system do they use? How do they handle backups, multiple locations? Tapes? A secure vault?
Putting your data in the cloud may feel like a leap of faith. But it can actually be more secure in the hands of a responsible cloud-based accounting software provider than on your own computer.