Small Business Security Trends You Need to Know
Article By: Julie Knudson, Originally Posted By: SmallBusinessComputing.com
Small business security threats remain in a constant state of flux. Old threats fade away as improved protective measures make them ineffective, and then new threats emerge to take advantage of the latest security gaps. We asked security experts to discuss the most current crop of threats that small business owners need to pay attention to in the coming year.
Business: Brace for Data Breaches
Information breaches have made big headlines in recent years, typically involving large retailers with equally large point-of-sale (POS) and data systems. But Chris Strand, senior director of compliance, IT governance, risk and security audit programs at security firm Carbon Black, says that small retailers need to protect themselves against increased risk of data breaches.
"There has been a shift from enterprise to small business in terms of exploits, and I think we can expect further headlines about critical information breaches as it pertains to POS systems," he says. With the volume of credit and debit card data increasing, small businesses may experience more headline-grabbing breaches in 2016.
Attack of the Rogue Process
Security solutions more readily thwart older threats, such as in-memory attacks, but new security threats just keep coming. John Prisco, CEO of endpoint security provider Triumfant, views rogue processes as an emerging threat. "That's where a trusted process provides a home for an untrusted process," he explains.
Rogue processes—essentially an invasion of a previously-safe environment—are relatively new security concerns and tougher to identify. Prisco says that not many security products can identify and find them. "We expect a shift toward that type of attack, because they're difficult for a small company to protect against."
More Mobile Malware
Tony Anscombe, senior security evangelist at AVG Technologies, an antivirus and Internet security provider, sees a big trend in "the increase in malware" infections by way of mobile devices. Mobile security is an especially important issue small businesses, who readily embrace a bring-your-own-device (BYOD) strategy for their employees.
That strategy that may be cost effective, but as mobile devices become repositories of company information, those devices significantly increase a company's vulnerability. "How you protect those devices becomes increasingly important, because they're holding company data," says Anscombe.
More Point-of-Sale Malware Targeting Small Business
Small business POS systems have already experienced targeted malware attacks. But Christopher Budd, global threat communications manager at security firm Trend Micro, sees the POS malware threat growing more pronounced in 2016.
"We've already seen it migrate to very interesting areas like pay terminals for parking lots," he says. Similar to any other security attack, hackers go after big targets first, but when those are no longer viable—because security software and improved protocols slam the doors shut—thieves turn to the smaller businesses. "Now that the big targets have been exhausted, the attackers are going after smaller POS services," says Budd.
Strand points to the "continued use of unsupported POS operating systems" as a security concern that's spreading like wildfire. He names Windows XP as a prime example; many small businesses still rely on it even though Microsoft stopped supporting the OS back in April 2014.
Outdated operating systems don't receive support through security patches and other upgrades. "We're still discovering serious security gaps and vulnerabilities in these systems," Strand says. Hackers look for the low-hanging fruit, and those known small business POS vulnerabilities make a tantalizing target.
Internet of Things Creates New Security Concerns
The Internet of Things (IoT) continues its march into the world of small business. Anscombe envisions it growing in ways we haven't even grasped yet, adding that from coffee machines to light bulbs, it seems nearly everything is connected these days.
"An eco-friendly business might, for example, buy light bulbs it can turn off through Wi-Fi," he explains. Each of those connections can potentially create an unauthorized entry point into the network. As small firms add greater numbers of connected things in 2016, Anscombe says, "They broaden the attack surface." That translates into increased risk unless companies institute better security measures for connected devices.
Is your business prepared for these possible threats? Netmedia Solutions can help! Our backup and prevention services can protect you from the myriad of issues that can jeopardize your critical files, with practical and reasonably priced solutions.
Netmedia Solutions is a full-service IT consulting firm specializing in small business support, located in the Greater Philadelphia area. For more information about its services, call (267) 646-1100 or email
We’ve been working with NMS for 12 years, because they always answer the call, and they’re on-site or remotely resolving issues the instant they arise. We have never found anyone as responsive or competent, and Domenic is very professional and a pleasure to work with.
Dennis Ferry | CFO, SCP Partners
My business employs people in multiple locations who share information constantly. We needed a business to manage this, so we could focus on our customers. Domenic implemented, trained us on, and manages a Cloud infrastructure that suits our needs—at a fraction of the cost doing it in-house. NMS maintains everything so I’m literally worry-free in the IT department
Sam Earl | Founder and CEO, Local Food Systems
...NetMedia has been able to not only support our day-to-day needs; they have been able to upgrade the level of performance of the overall network. The relationships you and Tim have developed with our employees make it easy for them to work directly with you and keep me from getting involved in every issue.
John C. Barr | CFO, Bancroft Construction