Why Marketers and SMBs Need to Take Online Security Seriously
I know what you’re thinking. Why is the content writer talking about online security?
Well, I write quite a bit about building trust and credibility and how important they are to establishing brand value and closing sales.
I also discuss what companies can do to erode or even destroy that trust and credibility.
And nothing can kill trust and credibility – or put a company out of business – like a security breach.
Sure, the Targets and Home Depots of the world have the resources to fortify their security and plug holes. They can withstand the bad publicity. They can spend millions to rebuild their image.
Can your company do the same?
I write a ton of IT-related content – averaging about one piece of content per day – for Cooper Marketing Solutions , a marketing firm that specializes in content marketing for IT companies. I’ve learned about a ton of concepts that made my head spin, and I’ve sifted through a ton of statistics.
One particular statistic from a 2013 Experian study has always stood out in my mind.
60 percent of small businesses that are victims of a security breach go out of business within six months.
Most small-to-midsize businesses with inadequate security also lack a disaster recovery strategy, so it can take weeks to restore business data and applications. In many cases, data is permanently lost.
Either way, customers are forced to take their business elsewhere, or they choose to find a less risky alternative.
Keep in mind that today’s cybercriminals aren’t computer nerds eating nachos in their parents’ basement. They’re highly sophisticated, well-funded organizations that are constantly looking for new ways to steal money, trade secrets or classified information.
Some target the Federal Reserve. Others target small-to-midsize businesses (SMBs) because they typically have outdated or weak defenses.
Consider some of the modern threats that both large enterprises and SMBs must contend with:
- A zero-day exploit is a threat capable of detecting a vulnerability in a network and exploiting that vulnerability on the same day – before the victim realizes the vulnerability even exists.
- Malvertising spreads malware through online ads. Traditionally, malvertising required a user to click an ad to have malware downloaded onto a desktop or mobile device, and attacks typically occurred on less-than-reputable sites.
- Just a couple of months ago, a new kind of malvertising campaign victimized users of reputable sites like AOL and Match.com by infiltrating the advertising networks that delivered ads to those websites. This allowed criminals to microtarget victims according to very granular targeting options. The scary part is that users didn’t even have to click the ads. Anyone simply exposed to the ads could have had their device infected.
- Security experts believe this recent malvertising campaign may have infected millions of devices with Cryptowall ransomware. Cryptowall locks down your data, which will be lost forever unless you pay a ransom to unlock it – and the cybercriminal lives up to their end of the deal.
In addition to more sophisticated, modern security threats, criminals use simple methods to target the weakest link in the security chain – human beings.
Do you know what the most common online passwords are?
“Password” and “123456.” Yes, many employees are that lazy.
Many time-strapped IT managers never change default passwords when installing new technology, which is like handing a burglar the keys to your front door.
And for some mind-boggling reason, when people receive an email from a sultan in a far off land who promises to wire them $10 million dollars, they fall for the phishing scam and click the link in the email.
I can’t believe someone would open an email that starts “Hello, Dear One.”
It’s not just individual employees dropping the security ball. It’s the companies that turn a blind eye to security.
Microsoft ended support for its Windows XP operating system in April of this year. Many businesses continue to use it because it still works just fine.
However, an unsupported version of Windows won’t receive any new software updates, including security patches that are automatically delivered by Microsoft.
That means Windows XP users are popular targets of cybercriminals.
And SMBs are already popular targets. A 2013 study from Verizon analyzed 855 security breaches and found that 71 percent occurred in companies with fewer than 100 employees.
The use of unsupported technology is just one example of how a lack of attention to online security by SMBs can make the jobs of criminals that much easier.
If you’re gathering customer data, you better be protecting it.
Companies in regulated industries, like finance, healthcare, law and retail, risk compliance violations and lawsuits if certain data isn’t adequately protected.
But security needs to be top-of-mind for any company, large or small. When someone enters a name and email into a form on your website to sign up for your newsletter, where does that data reside?
How secure is your customer database? How are you protecting your email list? Are you allowing consumer-grade applications and software to be used by employees?
Is your network being monitored for suspicious activity? How long would it take to realize a security breach has occurred? What would be the cost per hour if your network goes down?
If you outsource your marketing, where is the marketing firm storing your data? Are they using a secure internet connection? What is their security strategy?
SMBs are using customer data more and more to fine tune their marketing strategies and make smarter decisions.
Data can be incredibly valuable, but failure to secure that data can blow your business right out of the water.
What is an SMB to do?
First, make sure employees use their brains, from using complex passwords to reporting and then deleting suspicious emails.
Bring in a third-party to evaluate your security infrastructure and overhaul your security strategy if necessary, using next-generation firewalls, data encryption and access controls. Cloud-based services allow companies to leverage a service provider’s enterprise-grade security tools and expertise with little or no upfront cost.
Most importantly, take online security seriously. Because the consequences of a breach can be devastating.
Subscribe to my blog to receive insights and commentary about copywriting and marketing.
I love testimonials, but only real-world, unfiltered client feedback tells the whole story.
© Scott McKelvey Consulting, LLC. All Rights Reserved. | Privacy Policy | Accessibility Statement