One in ten SMEs have suffered from a data hack

Research by specialist small business insurer Hiscox, has found that 10 percent of small businesses in the UK have experienced a data hack. The research also revealed that 90 percent don’t have a cyber-crime insurance policy in place to protect them against the financial, business interruption and legal costs they would incur should they be struck by cyber-crime.

Hiscox found that while four in 10 (41 percent) SME owners are concerned about their computer systems being hacked, only 25 percent are very confident about the security measures their company has in place to protect against these risks. The research also shows that small business owners are more concerned about risks relating to cyber-crime, such as being hacked (39 percent) or phishing (36 percent), than they are of physical items (laptops, customer paperwork) being stolen from the office (31 percent).

Hiscox SME insurance expert, Alan Thomas, commented: “Cyber-crime is costing the UK economy around £11bn a year and while the media is reporting a growing number of high profile data breaches, some small businesses may also be a popular target for hackers because the systems are usually easier to get into and the breach may not be found out for a good few weeks.”

“We know that cyber-crime insurance policies might be the last thing on an entrepreneurs’ mind when they are trying to drive their business forward on a day to day basis, but it is worrying that over one in 10 (13 percent) of these businesses don’t know what security measures they have in place and if they are protected from online crime”, Thomas says.

“It is increasingly important for small companies to evaluate all the risks their businesses face, both online and offline, and include their IT security and protection requirements in the overall contingency strategy.”

Hiscox offers the following security tips to help SMEs protect themselves against online risks:

• Running an enterprise is a full-time activity and if you do not have online technical expertise seeking professional advice on security can save you time and hassle in the long run by ensuring the security measures cover your business needs
• Protect information with an internal ‘need-to-know’ policy. If storing information on a central file server, manage who has access to these files. This can help prevent accidental or deliberate data loss
• Encrypt important information for extra security so that only authorised users will be able to access it
• Using the internet and email to conduct business means that data loss becomes a bigger risk. Develop a clear email policy and raise online security awareness with employees and follow up on suspicious emails even if they’re a one off
• Make it protocol across the business for employees to use numbers and letters in passwords that provide much more robust protection from online criminals.
• Back up your files and check your insurance cover so that you can get your business up and running again quickly in the event of an incident
• Items like laptops and computer monitors are common targets for thieves and the real cost of a stolen IT asset isn’t just the hardware; it’s the lost data and the lost productivity. Lock servers in a room and move laptops into a secure drawer at the end of a working day.