Always built on innovative ideas, intellectual property and the collective vision of its founders, startups take years to turn dreams it into real business plans and obtain funding to start operations.
But a new business can find itself in a spider web of competition and intense pressure to grow the business. There is hardly time to think about issues like Security. But when problems do occur, loss of critical business information is inevitable.
Complete IT Systems and Lenovo take a look at how you can start your business the right way and without breaking the bank in this age of unprecedented cyber security attacks.
Why are startups more susceptible to security issues than more established companies?
Most of the focus (understandably!) is on acquiring customers and driving profitability
According to a recent study by Champlain College, 60% of small businesses fail within six months of suffering a cyber-attack. Almost 31% of all cyber-attacks targeted companies with fewer than 250 employees. The point is that startups often rely on the perception that they aren’t significant enough to warrant the attention of cyber criminals. Criminal intent, on the other hand, will find the most natural targets first. As the IT resources of most startups are directed towards growth rather than security, these organisations are comparatively easy targets.
Lack of detailed data security policies
Lesser capacity to sustain ‘damage.’
Big companies have dedicated resources and funding assigned to ensuring IT security. While damaging, a one-time data breach is not necessarily business-crippling to them. According to this ZDNet post, “The larger Target breach, which occurred in late 2013 and exposed over 40 million credit and debit card account numbers as well as 70 million other PII (Personally Identifiable Information) records ended up costing the company about $105 million, after subtracting insurance reimbursement and tax deductions for breach-related expenses. That is less than 0.1% of the company’s 2014 sales”. However, 60% of small companies fail after IT security problems. Security problems can be more damaging to a startup, compared to a large and established business.
What’s the easiest way to increase security?
End-point security is the simplest and easiest way to boost security and protect your business. It ensures that only bonafide employees can access company PCs and data. It is the first and most crucial component of IT security infrastructure. Without it, even the most sophisticated IT security solution is incomplete. For startups, end-point security assumes even greater significance because it is easily accessible, affordable and straightforward to manage.
End-point security is the overall term for three categories of protection:
User access control
This set of technologies protects unauthorized persons from accessing company PCs. It doesn’t depend on passwords only, which can be stolen or hacked, but on a potent combination of biometric and secondary identifications.
Port & hardware protection
Port security features controlled help protect against theft of data from the USB and other access ports on company PCs. Hardware protection includes features that prevent access to the chassis of desktops and workstations, and also for inbuilt devices like cameras.
Data needs to be protected from theft, and from inadvertent loss due to technical failures. Backing up data efficiently and automatically can be the strongest ‘peace of mind’ factor for startups. It is also necessary to ensure that if data loss or theft occurs, it is recoverable only by you, and unusable by thieves because of strong encryption.
What are the end-point security features that matter?
User Access Control
- FPR (Fingerprint Recognition): A biometric security feature which requires the user to authenticate themselves using a fingerprint.
- Smart Card Access: A highly secure way of storing login information in tamper-proof cards, that can also be used to manage access to multiple devices without using passwords.
- NFC (Near Field Communication): NFC is a type of radio communication standard, much like Bluetooth, WiFi and other networking technologies. To snag the NFC signal to log in, the user needs to be physically close to the company’s PC, with the right NFC tag or secondary device.
Port & Hardware Protection
- Smart USB protection: This is a USB security solution which blocks the data transfer capability of the USB port, but still keeps it functional for input devices like mouse and keyboard.
- Camera Shutter: Camera hacking risks can be avoided by physically covering the camera. With the shutter built into the camera, protecting privacy just requires closing the camera cover.
- Chassis lock: A lock and key mechanism for the chassis that prevents theft of components, including hard drives and graphics cards.
Full Drive Encryption (FDE): This is a method for encrypting hard drives in such a way that all data on the drive is always encrypted, without the use of third-party encryption solutions. FDE drives encrypt data on the disk by default. Used along with a hard drive password, FDE prevents unauthorised users from booting the drive and accessing your data, while full disk encryption prevents more sophisticated attacks, such as attempting to retrieve data directly from the drive’s platters.
Online Data Backup: Compared to tape archives, backing up your business data automatically online offers better speed and ease of use. Business continuity is assured when technical or natural disasters strike.
Hard drive retention: When a hard drive is replaced under warranty, this add-on service allows the company to retain the original drive. It ensures the data is always in safe hands and is never handed over to a third party.
Built-in security features of Lenovo products: