"I work with each department to build working relationships surrounding the core of security, and communicate how the security measures are woven into the work efforts of each department. I avoid plans that make security a new project, or that involve more time from departmental personnel," says Schill.

Thus, if a new network segment is going to be built, try to weave the security of that network into the early phases of the budget. The same applies with new wireless networks, Web applications and other initiatives. Most SMB security managers agree that they have a better chance of success that way, rather than trying to get funding after the project already is fully planned and in deployment.

Yet properly managing and securing those applications and their underlying infrastructure isn't easy for the typical SMB. SMBs must operate with tighter budget constraints and fewer staff than their big enterprise competitors. This makes it all the more important for security officers in these businesses to work with managers across the organization.

When it comes to securing their systems, smaller businesses probably won't have a single manager dedicated to shoring up networks and applications, while it's common for big business to have dedicated CISOs, as well as teams of network and application security specialists. Unfortunately, SMBs often are focused on delivering their products and services, or believe they're too small to be targeted by criminals.

"Many SMBs focus on product delivery and have little interest in putting security controls in pla...

In fact, less than one-third of the CDW survey respondents have completed formal BC/DR plans, and only 29 percent employ at least one full-time IT professional. Skimping on relatively small expenses for proper IT management, BC/DR and information security is a risky way to run any business. But smaller businesses in particular cannot afford a single breach or a disaster such as a fire or flood that wipes out the physical offices and data. For the unprepared, any of these events can strike a devastating blow.

SECURITY MEANS BUSINESS
A new twist on the attitudes toward data security is starting to emerge. Consumers, business customers and partners increasingly care about how well their data is being protected by those with whom they're doing business. In March 2007, a survey by Javelin Strategy & Research revealed a correlation between a consumer's perceptions of a retailer's reputation for protecting credit card information and their willingness to shop with that retailer. A staggering 78 percent of respondents said they'd be unlikely to shop at a retailer following a breach of customers' data.

Despite the risks, many small businesses still are hesitant to invest much into their IT security efforts.

"Security concerns are the same for them as they are in larger companies. But putting in the proper security controls, software and processes is difficult if you're working at a business that won't provide the budget," says Schill.

< PREV PAGE   |   1  |   2  |   3  |   NEXT PAGE  >