New research by specialist small business insurer Hiscox reveals that 75% of SMEs do not feel completely confident that their office premises are safe from thieves and nearly a quarter (22%) are concerned about e-risks and cyber crime. Since the start of the financial downturn, over a third (38%) believe their offices are more likely to be a target of burglary.
The item deemed most at risk, by 41% of SME owners in the study, was computer equipment. E-risks that they face, such as theft of data, online identity fraud, loss of confidential information or hacker damage were also cited as a concern. This comes as no surprise as government statistics reveal that the average cost of the worst IT information security incident to a small company each year is £10,000-£20,000. Just 17% of SME owners said they were not concerned about anything being stolen from their office.
Hiscox SME insurance expert, John Heaney, comments: “It’s important for businesses to protect themselves against loss of physical property and data theft. It may sound obvious, but following basic procedures such as checking windows and exits are secured, setting alarms and storing expensive equipment out of sight, can be invaluable.”
“SMEs should also consider their online assets and how to protect them. Given the importance of data to businesses it is essential that SMEs have strategies in place to mitigate online risks. Data is currency and while the internet has made it much easier to access information it has also increased cyber risks such as hacker attacks and electronic ID theft. SMEs need to think beyond securing the building and put in place robust online security measures.”
Hiscox offers the following security tips to help SMEs to protect against online and offline risks:
– Protect information with a need-to-know policy with employees. If storing information on a central file server, manage who has access to files. This can help prevent data loss, whether accidental or deliberate
– Running an enterprise is a full-time activity and if you do not have online technical expertise seek professional advice on security. This can both save time and ensure the security measures cover the business needs
– Encrypt important information for extra security so that only authorised users will be able to access them
– Using the internet and email to conduct business means that data loss becomes a risk. Develop a clear email policy and raise online security awareness and issues with employees
– Back up your files and check your insurance cover so that you can get business up and running again quickly in the event of an incident.
– Items like laptops and computer monitors are common targets for thieves and the real cost of a stolen IT asset isn’t just the hardware, it’s the lost data and the lost productivity. Lock servers in a room and move laptops into a secure drawer at the end of a working day
