Get All Access for $5/mo

How SMBs can diminish the risk of a data breach Perceived notions of 'high-cost investment', ignorance and a mindset 'who would target us' makes the SMBs, a hacker's goldmine. This perspective needs a re-set

By Karmesh Gupta

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.

shutterstock

For any economy, SMBs are the backbone. The intent to scale and grow faster generally makes business owners to invest money in areas where returns can be multiplied. Unfortunately, cyber security at the moment is not realized as an important element by SMBs. High cost of investment and the mindset "who would target us' can be cited as the key reasons to not incorporate healthy security architecture. Ironically, this ignorance makes SMBs, a hacker's goldmine. As an outcome, customers lose trust and marketing campaigns cannot repaint it.

If we in fact consider the numbers, a 100-people company can make itself safe by just spending 3K per person, per year, lesser than a yearly party budget of an employee. It is about a perspective change that needs to be built.

There are multiple ways a data breach can happen. Understanding all the aspects is necessary to diminish the risk by a large extent.

1. Office Network Attacks

Using a weakly-configured router at the gateway of LAN and WAN becomes the root cause of entry of any intruder. Once the network infra is accessible, any of the connected nods i.e. computer systems, servers, IP Cameras, IP-Pbx etc. are vulnerable.

SMBs must incorporate the use of Network Security Gateway like Firewall etc. with proper rules to ensure that intrusion becomes arduous. Typically, a firewall has gateway anti-virus, IPS engine, Sandbox which ensures that each packet coming in the network is safe. It also primarily helps businesses to connect their multiple branches via secured way through VPN. Features like Content Filtering and QoS help in enhancing the employee productivity by limiting their access to only work related content.A fire wall may cost around INR 75K for first year, and later annual renewals around INR 30K.

2. Website and Cloud-hosted Application Attacks

Due to the penetration of cloud technology, businesses mostly host their web and database on any of the prevalent platform like AWS, Google Engine, Azure etc. The instances have limited computing capacity and hence can serve up to a certain number of users.

Attackers may run a DDoS on the public IP of your server and as the request crosses the threshold value, system would go down. Similarly, there can be various types of attacks that can intrude in your hosted content.

Deploying a virtual firewall on the cloud instance takes all your worry away. Objective of Virtual Firewall is almost the same as a physical firewall. The cost could come around INR 25K.

3. End Point Security

Using Corrupt Pen Drives, Hard Disks, downloading free software or movies, clicking ads etc. generally results in the entry of a malware in your computer system. These malwares then have the access of your entire system and can steal and upload any confidential data (like banking details, mail and social media access credentials, financial documents, etc.) on their servers.

Next to the outside hackers, companies are also vulnerable from internal team members. Any of your employees can use a pen drive and take all important data to their home and may upload it publicly for vicious reasons.

Hence it is advised to use an End Point Security solution where a client file is installed onto all your end systems and a server file on the physical server or cloud. The IT administration can then granularly define rules for every individual system. For example, the IT admin may only permit the access of company owned storage devices on client machines. This basically makes any of the external storage devices non-functional, and hence the breach gets prevented.


The IT can block any kind of upload from client machine, which further helps them in preventing leakage of information in the form of mail and social attachment along with cloud upload. Similarly there are more than 90+ functionalities which can be applied as per the need and structure of organization.


End Points also helps in preventing you from ransomware via AV scanning, Patch Management and backing up your important system drives on the physical server or cloud.


Typically, the cost of EPS per machine for a year varies between INR 1000 – INR 1300 depending on the modules purchased. If you don't opt for an EPS, then at least a good Anti-Virus must be installed on all the systems. It costs around INR 400 per machine per year.

4. Attacks due to Improper Configurations and Loosely Patched Softwares or OS

Just deploying the above products may not mitigate the risk until they are well configured. Hackers may find the way to invade and hence vulnerability assessments should be exercised.

It is important to have yearly assessments and audits of your digital assets. This helps SMEs to learn about the open doors and related consequences. Based on the generated reports, the IT administration can work on to fix them and ensure tighter protection.

Any reputed cyber security service company would be willing to do the job for around INR 80K.

Karmesh Gupta

CEO & Co-founder, Wijungle

Karmesh Gupta is an Indian Entrepreneur and the Co-Founder and CEO of the Cyber Security company WiJungle. He was featured as the youngest recipient in Forbes 30 Under 30 Asia List (Enterprise Technology) of the Year 2020. Born and brought up in Alwar, Rajasthan, Karmesh started his journey in 2013 with Rajasthan Royals while he was in the second semester of his graduation. Later he worked with Lucideus as a Cyber Security Analyst before co-founding HttpCart Technologies in October 2014.

 

HttpCart became the first Indian private company to roll out a completely free wifi service in 2015. With time, the company shifted its focus towards cybersecurity and launched the World’s first Unified Network Security Gateway under the brand name WiJungle. WiJungle currently serves government and private giants globally and ranks among the top-rated Network Security Vendor as per market research firm Gartner.

News and Trends

FinX and FirstClub Raise Early-Stage Funding

The startups listed below have disclosed investment rounds.

News and Trends

Talent, Digital Infra, Policy, and Startups Driving India's GCC Ecosystem

By leveraging its demographic dividend and evolving policies, India is uniquely positioned to become the preferred choice for global enterprises seeking scalability, resilience, and a future-ready operational base.

News and Trends

Kalaari Capital's CXXO Initiative Sheds Light on Women Entrepreneurs' Struggles

The report highlights key findings on the gender funding gap, unconscious biases, and the resilience of women entrepreneurs.

Growth Strategies

Indian Graduates' Employability Rate Reaches 54.81 per cent: Report

By addressing regional disparities, fostering gender diversity, and equipping graduates with both technical and soft skills, stakeholders can harness the full potential of the nation's workforce.

Entrepreneurs

Skills for the New Age Wedding Entrepreneur

These key skills are essentials for wedding entrepreneurs today, but when supplemented by refined taste that lends itself well to curating ideas for every budget, they make for an exceptional bouquet of services

News and Trends

Uber Launches Moto Women in Bengaluru, Connecting Female Riders with Female Drivers

Uber Moto Women aims to ensure safety with real-time trip sharing, anonymised contact details, and RideCheck monitoring for irregularities. It also offers 24x7 priority support via Uber's Safety Helpline for women riders and drivers.