Recent research conducted by Home Depot suggests small and midsize businesses are blissfully unaware of the risks posed by criminal hackers. Of the 1,000 SMBs surveyed, 66 percent were confident their data and devices were secure. Backing up this belief, 77 percent indicated they've never experienced a cyberattack. Meanwhile, 80 percent don't use any form of data protection. Your employees could be in danger, as well as your business. You otherwise protect your business from theft, so why would you put yourself at risk with lax cybersecurity?
What's at Stake? There are many reasons to be wary of the online activities of your employees. The threat of cybercrime hasn't appeared to lessen as perpetrators of illicit online activities constantly find new ways to negotiate the security systems that are put in place to protect sensitive information. Small-business owners are at a heightened risk of falling victim to malicious software online, according to Forbes citing the 2012 Data Breach Investigations Study released by Verizon. The research shows in 855 investigations of data breaches, 71 percent occurred in small businesses -- those with fewer than 100 employees (Tweet this Stat!). The most recent Verizon study indicates similar threats to the cybersecurity of small businesses, as 72 percent of breaches involved hacking and 54 percent resulted from malware.
One of the simplest ways to protect your business is by making sure your email systems are secure. Most businesses have a system in place to filter out spam and other messages that likely contain viruses, worms and various types of malware. Encrypted email guards against information being exposed during transmission and storage. This can help SMBs avoid sensitive content from being accessed by unauthorized recipients. In the simplest terms, email encryption transforms plain text into a code that can only be read by legitimate parties. If an email containing sensitive information was intercepted, the data would remain secure. Different types of protective software allow companies to manage users to help organizations avoid sending out information to unintended parties.
A Cautionary Tale If you don't begin making your email communications and organization more secure, it can be costly. The New York Times looked into the case of the entrepreneur and MyBizHomepage founder Peter Justen and found he was still struggling to get his business back on its feet in 2012 after it suffered a cyberattack in 2008. For some background, the company was valued at $100 million by its investors who were attracted by the free financial planning platform and looked forward to making money through advertisements on the site. Justen's idea was to offer a cost-effective companion program to QuickBooks, so that small-business owners could easily recognize the opportunities or setbacks associated with their finances. However, things took a turn for the worse when he fired his chief technology officer for conspiring with two other colleagues to start up a competing company. Afterward, MyBizHomepage started malfunctioning and Justen -- as well as board members -- found their personal email accounts had been hacked and people on the contact list had been sent nefarious messages. As a result, Justen had to start over or face bankruptcy.
One issue this case demonstrates is the fact that malicious threats can come from the inside as well as from external sources. When you don't protect sensitive information, especially data exposed in email communication, you leave your business at risk of cyberattacks. What's more, you could be failing to comply with U.S. law, depending on which state your business is located in. For instance, Massachusetts and Nevada mandate email encryption for messages containing personally identifiable information.