Essential Guidance for Small Businesses

opening door

Small businesses are becoming more sophisticated when it comes to using technology. Their adoption of formerly “big company” solutions, such as virtualization and cloud computing is growing, but small businesses actually are leading the pack when it comes to a dependence on personal mobile devices for business use. IDC sees these three key technologies merging in the future as small businesses realize their adoption can help them compete against much larger corporations.

Unfortunately, living in a mobile, virtualized, cloud-based world raises key security concerns. It is harder to safeguard valuable company assets when the very nature of business today demands openness. Critically, as security becomes more complex, it requires specialized expertise; expertise that few small businesses have.

Therefore, more small businesses are looking to bring that expertise in-house, whether it is in the form of a software application, freeware or a suite of products and services. In addition, small businesses face the same IT challenge as enterprises: how to gain more from resources without breaking the bank.

In order to select the best security option for their needs, IDC recommends that small businesses first identify what actually needs to be secured. Is it simple virus protection, or fending off full-blown attacks by those with malicious intent? Do mobile workers need their devices protected or can company assets be protected by controlling who has access to company resources? This means starting with a security audit.

Companies should ignore what solutions are available or what fits into a particular budget, and focus on real needs. Security breaches can cause major hardships, ranging from financial damage to irreparable harm to a brand reputation. So an audit can highlight key functions that must be secured, those that should be secured, and those that it would be nice to have secured. Only after the audit is complete, should a business consider budget limitations.

Security should be considered an investment, not a cost. But small businesses should remember the old saying “you get what you pay for.” While freeware, for example, sounds attractive, there are challenges such as potential lack of support and an inability to upgrade as needed versus when the freeware happens to be upgraded. Packaged solutions can be a good start, but offer challenges for quickly growing or evolving businesses.

Finally, while cloud-based security services may be a good option, some small businesses are not ready to give up the control they have over in-house solutions and many offer more than what a company needs. But cloud-based security solutions can turn capital expenses into predictable operating expenses.

IDC suggests asking the following questions when selecting a security solution:

  • Do the products and services offered match the business needs?
  • Can the solution be easily integrated into existing IT infrastructure?
  • How much security expertise is really needed to properly install and manage the solution?
  • How easy is it to customize the solution?
  • How are mobile workers and devices managed?
  • Is the solution cloud compatible?
  • How easy is it to add more capabilities as business grows?
  • What are the expected levels of protection?
  • As the security landscape changes, how is the solution kept current?

Ultimately, small businesses may need to opt for cloud-based security, but are cautioned to not settle for a scaled-down version of a complex enterprise solution. Rather, they should look for security-as-a-service solutions that are geared towards the specific needs of small businesses.