Group items tagged

Small business owners' cybersecurity policies and actions are not adequate enough to ensure the safety of their employees, intellectual property and customer data, according to the 2009 National Small Business Cybersecurity Study. The study, co-sponsored by the National Cyber Security Alliance (NCSA) and Symantec [Nasdaq: SYMC], as part of this year's National Cyber Security Awareness Month, surveyed nearly 1,500 small business owners across the United States about their cybersecurity awareness policies and practices.

The survey shows discrepancies between needs and actions regarding security policies and employee education on security best practices.

The study found that while more than 9 in 10 small businesses said they believe they are safe from malware and viruses based on the security practices they have in place, only 53 percent of firms check their computers on a weekly basis to ensure that anti-virus, anti-spyware, firewalls and operating systems are up-to-date and 11 percent never check them.

1. The growth of cloud computing is astounding. It is estimated that the worldwide cloud computing market is $8 billion with the U.S. market accounting for approximately 40% of that: $3.2 billion.  According to Gartner’s 2011 predictions, number one on their list of Top Strategic Technologies is Cloud Computing. Gartner also predicts that the SaaS market will hit $14 billion in 2013.

2. Cloud Computing Software Solutions VS Desktop Applications The most common reason why small businesses choose cloud computing solutions over desktop applications is this: It is less expensive because you pay a small monthly amount instead of a one-time fee as it works now with traditional desktop software. On a cash-flow basis, it is less costly because your cloud based apps are often slightly less costly than an annual purchase or upgrade for common programs.  However, you have to look closely at the pricing plans and details for each application.

3. Cloud Computing Solutions are available all the time – no matter where you are. For some business users that operate virtual offices or operate remotely on different machines depending on location and they need the application to be accessible from a web browser. That is one of the biggest advantages of cloud computing– it is available wherever you have access to a computer and browser.

Now, in a survey of more than 600 small business owners and executives, the Ponemon Institute has tried to put a number on the cost of credit card account fraud for those vulnerable targets, comparing the damage with the cost of physical theft by employees or burglars. The result: While identity theft takes less from businesses per incident than either robberies or crooked employees, it hits them often enough that it's an equally costly or even costlier problem. According to Ponemon's study, the median account fraud incident costs a business $5,136. That's much less than the $9,913 the respondents attributed to the median cost of a burglary or $17,517, the cost they attributed to an employee theft case. But take the frequency of those incidents into account, and the pain adds up. About 86% of businesses have suffered from account fraud, more than the 77% who have been robbed or the 63% whose employees have stolen from them. And among those victims, most businesses experience employee theft either once (32%) or zero times a year (41%). Robberies are less costly but more frequent: Most businesses report them either once (29%) or between two and five times a year (38%). Account fraud is far more frequent: 45% of businesses have been digitally defrauded two to five times in the last year, and 38% have been defrauded more than five times.

According to Conner, cybercrooks are now targeting small business: "We are in an arms race with sophisticated, high tech enemies who are now concentrating on smaller business bank accounts in addition to their continued efforts to steal from large corporations." To combat the risk, Conner suggests that small businesses employ a "triple threat" security package that would include

According to Brian Krebs, a journalist who has covered this issue extensively, "Most companies that get hit with this type of fraud quickly figure out that their banks are under no legal obligation to reimburse them."

So how does this type of fraud occur, and what can you do to protect yourself? Typically, the bad guys are able to plant malware on the victim's computer and then use that to access the company's online banking profile. They then use that information to transfer huge sums of money out of the targeted accounts.

As of April 2010, only about 7% of small-business owners were using cloud services, but that number is expected to grow to more than 10% by mid-2011, according to a survey by technology-research firm IDC.

Half of small firms that use "the cloud" say it has improved their bottom line, according to a survey this fall by Microsoft Corp., which provides cloud services.

A number of surveys show that some business owners are hesitant to try cloud computing because they don't want to stray from familiar systems or invest in new ones. Some owners that have made the switch, however, say it has been a boon to their cash-strapped firms.

AVG's research shows that: * 83% agree that having the right level of IT security protection is critical to their business * 77% say that a security threat could have a significant negative impact on their business * 55% feel they can make IT security decisions without 3rd party influence * However, only 48% have a clear IT security policy in place for their staff, leaving most at the mercy of what employees decide to download or access online * As a result, perhaps not surprisingly, 1 in 4 have experienced a security breach * Most worryingly, 1 in 7 have no security software or systems in place at all AVG also asked small businesses whether they expect to see growth in the next five years - 61% of UK and 74% of US small businesses say that they do.

The Red Flags Rule is an anti-fraud regulation, requiring “creditors” and “financial institutions” with covered accounts to implement programs to identify, detect, and respond to the warning signs, or “red flags,” that could indicate identity theft. The financial regulatory agencies, including the FTC, developed the Rule, which was mandated by the Fair and Accurate Credit Transactions Act of 2003 (FACTA).

The FTC’s Red Flags Web site, www.ftc.gov/redflagsrule, offers resources to help entities determine if they are covered and, if they are, how to comply with the Rule. It includes an online compliance template that enables companies to design their own Identity Theft Prevention Program through an easy-to-do form, as well as articles directed to specific businesses and industries, guidance manuals, and Frequently Asked Questions to help companies navigate the Rule.

"The vast majority of staff in any organisation are trustworthy and honest. However, businesses are now beginning to realise and understand the scale of the threat posed by the small proportion of staff that act dishonestly and defraud their employer."

According to the ACFE 2010 report on occupational fraud the median length of the schemes was 18 months from the time the fraud began until the time it was detected. The median loss caused by the occupational frauds in the report was $160,000. Nearly one-quarter of the cases caused at least $1 million in losses and nine cases caused losses of $1 billion or more.

Historically, the most serious threat from staff fraud has been centred on relatively senior employees in management positions. However, the major threat has now shifted down the organisational hierarchy to more junior members of staff, who have access to, and responsibility for, more confidential customer and payroll data than ever before,"

When small organizations (100 users) move to the cloud, the effective carbon footprint reduction could be up to a 90% savings by using a shared cloud environment instead of their own local servers

For large corporations, the savings are typically 30% or more. In a case study with a large consumer-goods company, the team calculated that 32% of energy use and resulting carbon emissions could be saved by moving 50,000 e-mail users in North America and Europe to Microsoft's equivalent cloud offering.

What accounts for these significant energy savings? Think of cloud computing as being like mass transit. The data center is essentially getting computing applications to carpool or take the bus instead of sitting in their own individual servers. However, unlike mass transit, there is no sacrifice in convenience or performance with this move. Consider the disappointing fact that a typical server in a company often runs at about 10% of capacity, meaning there are lots of servers out there drawing power without doing much computing