Pramodh Menon, Senior Vice President, Commercial, Cisco India & SAARC
As SMBs in India increasingly adopt IT, ignoring network security might be a huge risk
Technology has become the heart of the new economic era. It is impossible to operate, let alone grow a business in the 21st century without utilizing technology. Regardless of the business, technology is an inevitable investment. But unlike large enterprises, Small and Medium businesses (SMBs) with limited IT expertise look at technology for survival. The critical nature of data and communications in today's SMB business environment must be secure. Establishing a secure network foundation will enable protection of the authenticity and integrity of data on the network.
According to a recent AMI Partners report, Small and Medium businesses in India (with up to 999 employees) are on track to spend over $161 million on IT security solutions this year, up a whopping 41% over last year. Most of these businesses have experienced malware attacks and hard drive failures over the past 12 months, emphasizing the need for better network security.
But the SMB community has its limitations. They want solutions that are effective but inexpensive, and are sometimes reluctant or unable to invest significant amounts of capital in IT infrastructure and security solutions. Widely reported security threats, vulnerabilities and hacks cost businesses millions of dollars, even putting them out of business for good-have hit home. So today, while SMBs might have to be conservative with their IT a budget, good security is a recognized need. Their challenge is to integrate security into their infrastructure with their limited budgets.
SMBs are often characterized as late adopters of IT and so they typically avoid experimenting with unproven, leading edge solutions. But once technology is proven and the price has declined to the point where it is affordable for a smaller company, SMBs invest in solutions like their larger counter parts. Considering that most SMBs don't have the resources to apply complex network security, a comprehensive pre-packaged security solution works the best.
The Internet has given SMBs a necessary boost to reach out to all their customers. It has also been responsible for enormous growth in digital information that was previously stored on paper-based records or computer systems that were not connected to the Internet.
Unfortunately, these advantages allow business-critical applications and data to be accessible on the Web, resulting in security drawbacks. It is vital that SMBs understand these drawbacks in order to ensure continued safety and reliability in the use of the Internet as a business tool. Network security issues that SMBs should be educated about and prepared for include terms that are now common for businesses of all sizes. These include:
- Distributed Denial of Service (DDoS) attacks
- Data theft
- Trojan Horses
- Intellectual Property (IP) theft
- Phishing and Spear Phishing
These terms are now understood by an increasing number of business people without IT expertise, which is a clear indicator that SMBs are beginning to realize that securing their business is necessary and cannot be ignored. The size and nature of business makes no difference because most security threats are completely blind to any distinctions. The common assumption that SMBs are too small to be targeted by an attack is simply not true in today's environment.
Some forward-thinking businesses have moved beyond email and instant messaging (IM) as the primary communication tools that leverage the network, to implementing Voice over Internet Protocol (VoIP) technologies to transport voice communications over networks and enable the use of unified communications platforms. As a result, email, IM, voice mail, telephone calls, call forwarding, and presence indicators can be combined to simplify communication with employees, partners, and customers regardless of location.
As SMB networks grow in complexity and look for vertical specific solutions, vendors are offering various solutions, which promises to tackle all the threats. New-age SMBs no longer view security as a single product or solution, but as an in-depth system that must be integrated throughout the network. The best way to manage network security is through a systematic, architectural approach that addresses the entire network lifecycle and is built upon a standard infrastructure. A major trend observed recently is the emergence of a Self-Defending Network for SMBs where security is integrated everywhere and with a lifecycle services approach, enterprises can design, implement, operate and optimize network platforms that defend critical business processes against attack and disruption, protect privacy, and support policy and regulatory compliance controls.
Securing an SMB network in a globally interconnected marketplace is not easy. However, is a challenge that can be met and successfully conquered with commitment and understanding the stakes of the business. Security is about business survival and only the SMBs that implement a layered security strategy will protect business revenues and the brand, while cementing customer loyalty. The choice is simple and SMBs that want to survive can no longer wait to secure their businesses.