SME clients must not overlook cyber security since they are vulnerable to the same scams and cyber attacks that prey on individuals, according to accounting and advising firm RSM Australia.
RSM Australia said SMEs may suffer severe ramifications from a significant security breach, which may even hamper businesses’ ability to continue operating. According to a 2015 study by US-based Ponemon Institute and IBM, a security breach in Australia can cost millions of dollars, in addition to the reputational damage a high-profile attack can cause.
Recent threats include online banking scams in which customers receive a text message that would direct them to a fake page and provide their bank account details. The attackers can then use the data to fully access business accounts, potentially wiping them out.
“These scams are successful because they look plausible, and busy business owners may not have time to carefully consider and examine the links they’re clicking on, particularly if they’re on a mobile device screen rather than a larger, easier-to-read screen,” said Michael Shatter, risk advisory partner at RSM Australia.
Shatter said one way SME owners can protect themselves from such scams is to use business banking services rather than consumer services.
“They tend to offer more sophisticated security options and additional security for multiple account users,” he said.
RSM Australia has identified eight ways SMEs can protect themselves:
1. Keep software updated, since updates often include security patches.
2. Educate all staff regarding the risks and how to protect themselves and the business.
3. Demand strong passwords for all applications, not just key applications like banking or invoicing.
4. Use up-to-date security solutions including anti-virus, firewalls, intrusion detection, and threat detection.
5. Never click on links to banking sites in emails or texts. If in doubt, call the bank directly.
6. Treat mobile devices the same way you would treat computers; they are equally if not more vulnerable to attack.
7. Ensure your files are backed up regularly and reliably.
8. Get professional, external advice to improve your security posture, and conduct a risk assessment.