Quocirca Reports | Quocirca Articles | Key Analysts | Questions & Answers
Information security for SMBs
Small and medium-sized businesses (SMBs) can benefit from the expansive use of information technology (IT) just as much as their larger counterparts. Indeed, in many cases they have to, because to trade they need to interact with business partners of all sizes and IT failure affects not just internal users but those of third parties. To this end any SMB's IT infrastructure needs to be resilient and secure. All too often it is not and when this is the case the SMB loses competitive advantage.
Key Findings

  • Just under half of all SMBs operate from a single physical premises and when this is the case their main IT infrastructure is housed at that location
    With SMBs now so reliant on IT, few are taking the precaution of housing IT in a separate location to the majority of their users. Whilst this is not hard to do with the amount of co-location facilities and network bandwidth now available, most SMBs still face total business failure if their single physical location is hit by disaster.
  • Over 90% of SMBs provide some of their employees with laptops and more than half allow access from handheld mobile devices
    Such widespread use of mobile devices means much valuable information is stored, at least initially, away from the central IT infrastructure. If these devices are lost, stolen or just fail this information can be lost too. It is not just necessary to ensure the devices are properly secured but also that they are regularly backed up.
  • Around 70% of SMBs open up their IT infrastructure to external users of some sort, whether they are contractors, customers, suppliers or other third parties
    This is essential as business processes become more automated to remain competitive. There is, however, a downside: if the infrastructure fails then it is not just internal productivity that is hit, but also that of the outsiders. Such failure could lead to lost orders and terminated contracts.
  • Maintaining PCs, IT security and network access are the drudgery of SMB IT management, taking up the majority of IT management time
    There will always be such problems, but minimising them makes a big difference. Having confidence in the security of servers and end points of access and the resilience of networks allows open access to be pushed to the limits, and the mobility of users and automated interaction with third parties to be exploited to the full.
  • Almost 80% of SMBs think it is critical for employees to be able to backup their own devices and many expect them to be able to do day-to-day maintenance
    Helping employees to help themselves is a good thing but, wherever possible, their acquiescence should not be relied upon. Backups can be automated, access can be made easy using VPNs and mobile devices can be put under third party maintenance contracts.