Published/updated: September 2011
Over the years, research findings have consistently demonstrated widespread exposure to risk when it comes to data protection and security among smaller businesses, writes Dale Vile, managing director of Freeform Dynamics.
With increasing use of the internet and an increasing reliance on electronic data, there are a lot of accidents just waiting to happen.
This was the foundation for a roundtable attended by two of us from Freeform Dynamics on 1 September. Hosted by Symantec, and held at the Department for Business, Innovation & Skills in London, the main speakers and panel members were: James Caan, entrepreneur; MichŤle Barker, Department for Business, Innovation & Skills; and Ross Walker, director for small business at Symantec Corporation.
Barker highlighted firstly how dependent the UK economy is on small and medium enterprises (SMEs), and secondly how dependent SMEs have become on IT and the internet. Good IT security for SMEs is therefore essential.
Walker said IT security solutions are becoming more accessible to SMEs. But suppliers, big IT suppliers in particular, are often guilty of using language that may be meaningful to large enterprises, but goes totally over the heads of many SMEs.
James Caan, in typical Dragon style, cut to the chase with his high-level analysis of the situation. He pointed out that we have SMEs with widespread need for security on one side of the equation, and an ability by suppliers to meet that need at relatively little cost to the customer on the other. The key question is therefore simple - how do you bring the two sides together?
In the discussion that ensued, it was clear that while the question might be simple, the answer is not.
SME networking and support groups
Government or government-sponsored education is useful, but not sufficient to deal with the problem. Tapping into SME networking and support groups is one possible solution.
A strong advocate of this was a journalist who spoke about the work of some of his colleagues in running an online community-based forum for small businesses. Many of the participants in the forum were actually quite savvy when it came to IT and security - they just need better support from suppliers.
Valuable though this anecdote is, we caution that Freeformís research, which uses a mix of online, phone and face-to-face techniques, often reveals that you need to be careful about how representative online activity is of the SME community as a whole.
The reality is that whether itís online or through more traditional groups, such as local chambers of commerce, for every small business that participates in such things, there are many more that donít - and these are the ones that we should be really worried about.
SMEs need mentors
The biggest problem that exists when it comes to security and data protection is that business managers and IT generalists operating in that space often donít know what they donít know. Many havenít considered the implications of the way they are using IT and the internet, and even those that have are frequently unaware that most of the challenges can be dealt with cost-effectively with the right solutions.
One possible answer to this put forward at the roundtable was mentoring. Mike Southon, himself a mentor, as well as a renowned entrepreneur, speaker and FT columnist, said that experienced peers providing advice and guidance is invaluable.
A mentor can not only articulate needs and solutions in a way that is meaningful, they also have no vested interest in a commercial outcome - e.g. a product or service sale. Genuine mentors do not even charge for their own time.
The challenge that remains, however, is reach. While online communities are open to all in theory, they only touch a subset of the SME sector in practice. Organisations such as Yoodoo Media broaden access to the mentoring approach, particularly for start-ups, but the question of reach remains.
Which brings us to an extremely important part of tackling the SME security challenge. Think about the entities that pretty much all smaller businesses have to touch as part of setting up and operating. They include their bank, their accountant, their telco provider and the people from whom they buy PCs, printers, software and other essential IT solutions - i.e. the technology retailers and resellers that make up the IT channel. This last group is key because it provides a combination of both reach and potential capability to deliver.
With this in mind, it was interesting listening to Wayne Cockerill at the roundtable. He runs an IT solutions company in the North of England that services the local SME community, reselling products from Symantec, Microsoft and others. He alluded to the constant challenge of having to translate tech-related gobbledegook put out by big suppliers into something meaningful to his customers, but also the need to help customers appreciate the risks and define the problem in business terms.
A coordinated approach to security and data protection
For a full service organisation such as Cockerillís, this is challenging but achievable. And if other players in the channel are to play their part, there is a need to help them understand how to engage with their customers around security and data protection.
They need to bridge the gap between that conversation and exchanges taking place continually around the provision of hardware and software. The basic idea is to piggy-back the risk discussion on the back of conversations and transactions that are already taking place.
But none of this can happen without investment and commitment from the big IT suppliers, so it was encouraging to hear that Symantec is providing tools to partners to help them better engage with SMEs, matching solutions to needs. Investment in SME-friendly delivery mechanisms such as cloud is an important part of this.
Martha Bennett from Freeform Dynamics probably summed it all up the best when she spoke about the need for a coordinated approach in which suppliers, channel partners, advisors and special interest groups work together to tackle the problem.
CLICK HERE TO VIEW ORIGINAL PUBLISHED ON
By Dale Vile & Jack Vile
Making the right technology investments in todayís fast moving digital age can mean the difference between success and failure in pretty much any industry. But how well are decisions are actually being made in this space? ...more
By Dale Vile
Some argue that IT operations doesnít matter anymore; itís all about developers. Our aim in this paper is to re-balance the discussion based on research in which feedback was gathered from over 400 European IT professionals. ...more
By Dale Vile & Jack Vile
We often hear that cloud computing dramatically reduces the need for in-house IT teams, and might even lead to their ultimate demise. The research reported here provides a very different view based on analysis of real business objectives and actual experience. ...more
By Dale Vile & Jack Vile
As technology becomes smarter, more opportunities arise to exploit AI, machine learning and other forms of intelligent systems to drive efficiency and transformation. But whatís the impact on IT teams? ...more
By Tony Lock
Have we all been caught asleep at the capacity planning wheel? Business users today want, and expect new IT services to be delivered in the blink of an eye, the necessary resources provisioned instantly, and changes made ďon demandĒ. ...more
By Dale Vile and Tony Lock
Itís easy to be caught out by a cyber attack or internal mistake that leads to your customersí data or important intellectual property ending up on the black market. Making sure your business is adequately protected and is able to respond effectively ...more
By Dale Vile, Tony Lock & Jack Vile
Application programming interfaces (APIs) have been around for decades. In the early days of IT they were primarily used to give programmers convenient access to libraries of prebuilt functions. As systems became more distributed, APIs found their place ...more
By Dale Vile & Jack Vile
The world we live in is increasingly digital. As the smart use of technology leads to markets speeding up and becoming ever more unpredictable, a strong set of established offerings and execution capabilities only gets you so far. Feedback from 1,442 IT ...more