Get All Access for $5/mo

How SMBs can diminish the risk of a data breach Perceived notions of 'high-cost investment', ignorance and a mindset 'who would target us' makes the SMBs, a hacker's goldmine. This perspective needs a re-set

By Karmesh Gupta

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.

shutterstock

For any economy, SMBs are the backbone. The intent to scale and grow faster generally makes business owners to invest money in areas where returns can be multiplied. Unfortunately, cyber security at the moment is not realized as an important element by SMBs. High cost of investment and the mindset "who would target us' can be cited as the key reasons to not incorporate healthy security architecture. Ironically, this ignorance makes SMBs, a hacker's goldmine. As an outcome, customers lose trust and marketing campaigns cannot repaint it.

If we in fact consider the numbers, a 100-people company can make itself safe by just spending 3K per person, per year, lesser than a yearly party budget of an employee. It is about a perspective change that needs to be built.

There are multiple ways a data breach can happen. Understanding all the aspects is necessary to diminish the risk by a large extent.

1. Office Network Attacks

Using a weakly-configured router at the gateway of LAN and WAN becomes the root cause of entry of any intruder. Once the network infra is accessible, any of the connected nods i.e. computer systems, servers, IP Cameras, IP-Pbx etc. are vulnerable.

SMBs must incorporate the use of Network Security Gateway like Firewall etc. with proper rules to ensure that intrusion becomes arduous. Typically, a firewall has gateway anti-virus, IPS engine, Sandbox which ensures that each packet coming in the network is safe. It also primarily helps businesses to connect their multiple branches via secured way through VPN. Features like Content Filtering and QoS help in enhancing the employee productivity by limiting their access to only work related content.A fire wall may cost around INR 75K for first year, and later annual renewals around INR 30K.

2. Website and Cloud-hosted Application Attacks

Due to the penetration of cloud technology, businesses mostly host their web and database on any of the prevalent platform like AWS, Google Engine, Azure etc. The instances have limited computing capacity and hence can serve up to a certain number of users.

Attackers may run a DDoS on the public IP of your server and as the request crosses the threshold value, system would go down. Similarly, there can be various types of attacks that can intrude in your hosted content.

Deploying a virtual firewall on the cloud instance takes all your worry away. Objective of Virtual Firewall is almost the same as a physical firewall. The cost could come around INR 25K.

3. End Point Security

Using Corrupt Pen Drives, Hard Disks, downloading free software or movies, clicking ads etc. generally results in the entry of a malware in your computer system. These malwares then have the access of your entire system and can steal and upload any confidential data (like banking details, mail and social media access credentials, financial documents, etc.) on their servers.

Next to the outside hackers, companies are also vulnerable from internal team members. Any of your employees can use a pen drive and take all important data to their home and may upload it publicly for vicious reasons.

Hence it is advised to use an End Point Security solution where a client file is installed onto all your end systems and a server file on the physical server or cloud. The IT administration can then granularly define rules for every individual system. For example, the IT admin may only permit the access of company owned storage devices on client machines. This basically makes any of the external storage devices non-functional, and hence the breach gets prevented.


The IT can block any kind of upload from client machine, which further helps them in preventing leakage of information in the form of mail and social attachment along with cloud upload. Similarly there are more than 90+ functionalities which can be applied as per the need and structure of organization.


End Points also helps in preventing you from ransomware via AV scanning, Patch Management and backing up your important system drives on the physical server or cloud.


Typically, the cost of EPS per machine for a year varies between INR 1000 – INR 1300 depending on the modules purchased. If you don't opt for an EPS, then at least a good Anti-Virus must be installed on all the systems. It costs around INR 400 per machine per year.

4. Attacks due to Improper Configurations and Loosely Patched Softwares or OS

Just deploying the above products may not mitigate the risk until they are well configured. Hackers may find the way to invade and hence vulnerability assessments should be exercised.

It is important to have yearly assessments and audits of your digital assets. This helps SMEs to learn about the open doors and related consequences. Based on the generated reports, the IT administration can work on to fix them and ensure tighter protection.

Any reputed cyber security service company would be willing to do the job for around INR 80K.

Karmesh Gupta

CEO & Co-founder, Wijungle

Karmesh Gupta is an Indian Entrepreneur and the Co-Founder and CEO of the Cyber Security company WiJungle. He was featured as the youngest recipient in Forbes 30 Under 30 Asia List (Enterprise Technology) of the Year 2020. Born and brought up in Alwar, Rajasthan, Karmesh started his journey in 2013 with Rajasthan Royals while he was in the second semester of his graduation. Later he worked with Lucideus as a Cyber Security Analyst before co-founding HttpCart Technologies in October 2014.

 

HttpCart became the first Indian private company to roll out a completely free wifi service in 2015. With time, the company shifted its focus towards cybersecurity and launched the World’s first Unified Network Security Gateway under the brand name WiJungle. WiJungle currently serves government and private giants globally and ranks among the top-rated Network Security Vendor as per market research firm Gartner.

Leadership

Visionaries or Vague Promises? Why Companies Fail Without Leaders Who See Beyond the Bottom Line

Visionary leaders turn bold ideas into lasting impact by building resilience, clarity and future-ready teams.

Business News

Former Steve Jobs Intern Says This Is How He Would Have Approached AI

The former intern is now the CEO of AI and data company DataStax.

Side Hustle

'Hustling Every Day': These Friends Started a Side Hustle With $2,500 Each — It 'Snowballed' to Over $500,000 and Became a Multimillion-Dollar Brand

Paris Emily Nicholson and Saskia Teje Jenkins had a 2020 brainstorm session that led to a lucrative business.

Science & Technology

5 Automation Strategies Every Small Business Should Follow

It's time we make IT automation work for us: streamline processes, boost efficiency and drive growth with the right tools and strategy.

Marketing

5 Critical Mistakes to Avoid When Giving a Presentation

Are you tired of enduring dull presentations? Over the years, I have compiled a list of common presentation mistakes and how to avoid them. Here are my top five tips.

Science & Technology

Why Businesses Are Relying on Automation to Survive the Labor Crisis

Robots are revolutionizing industries by addressing labor shortages and enhancing efficiency, while businesses navigate challenges like workforce adaptation and high implementation costs.