The global pandemic created many unexpected outcomes for the business community, including lost revenue, increased expenses, and unpredictable forecasting. Among other challenges, cybersecurity concerns rose to the forefront like never before, creating uncertainty and unease. However, entrepreneurs will largely prevail, given a resourcefulness that helped Latino small-and-medium sized businesses (SMBs) quickly pivot and evolve for a new world. This grit and determination will make SMBs the driving force of prosperity, and growth engines in a new digital marketplace. The path to prosperity begins with technological adoption, including an increased focus on critical security measures.
Most of us think we’re too smart to fall for phishing scams, and our confidence only grows when logged onto a company network. However, statistics show that nearly one in three security breaches starts with a phishing attack. In consent phishing attacks, for example, the user sees a pop-up from an application requesting extensive permissions. This consent screen lists all the permissions the app will receive, and many users go on to accept the terms uncritically because they assume the app is trustworthy. With the rise in people working from home, these attacks have increased exponentially, taking advantage of remote workers dealing with home-life distractions.
So how does an SMB quickly pivot from relying on centralized operations and IT professionals a few cubicles away, to completely decentralized workers operating from multiple of access points? First let’s have a look at the data.
Microsoft Threat Intelligence teams reported a spike in COVID-19 attacks in early March as cybercriminals applied pandemic-themed lures to known scams and malware. In the same timeframe, Microsoft conducted a survey of nearly 800 business leaders which reported phishing threats as the biggest risk to security, with 90% indicating that phishing attacks have impacted their organization, and 28% admitted that attackers had recently phished their employees or users. Among the key insights were rising security budgets, adoption of cloud-based technologies, and an alarming increase in scams. Notably, successful attacks were reported in significantly higher numbers from organizations with resources on-premises (36%) as opposed to more cloud-based. These statistics serve as evidence that in today’s hybrid work environment, security is a necessity; no longer being viewed as a luxury, nor delayed as a future priority.
For many businesses, the limits of the trust model they had been using, which leaned heavily on company-managed devices, physical access to buildings, and limited access to apps, got exposed early in the pandemic. This evolution was particularly acute in the limitations of basic username/password authentication. But the single biggest cause for optimism is a shift to Zero Trust, which 96% of security decision-makers state as critical to their organization’s success. Zero Trust enhances data security by working under the premise of never trust, always verify, to make sure that every piece of data, app, person, or transaction is secure. Zero Trust architecture will eventually become the industry standard, which means everyone is on a Zero Trust journey.
Based in Los Angeles, California, the Arming Minorities Against Addiction & Disease lnstitute (AMAAD) provides valuable services for underserved youth and adults, including from the Latino community, with programs such as job training and support groups. As the nonprofit grew, it faced the need to up-level its technology to protect email, store documents in the cloud, and provide seamless communication tools for its staff. After the founder sought help with email security at a Microsoft Store, AMAAD decided to deploy Microsoft 365. Now, they are positioned to grow their programs confidently with the digital platform, collaboration tools, and security they need to focus on their mission to facilitate personalized individual access to programs and services that foster safe and supportive healthy environments for people to live, learn, and develop to their fullest potential.
Where people often thought about security as a solution to deploy on top of existing infrastructure, the pandemic clarified the need for truly integrated security at companies of all sizes. In this brave new world, there are a few things every SMB should consider:
- Double down on Cloud Computing – the cloud is a more secure (and efficient) network, with so many employees working remotely. Many security protections are built into the fabric of cloud systems, where on-premises networks leave a company exposed to attacks.
- Security is everyone’s responsibility – provide training and tools for each and every employee on the importance of raising the bar for security protocols including training on how to identify phishing attacks and adopt good security habits.
- Get IT security support – for smaller companies that can’t afford full-time IT support, it’s still critical to have resources that you can count on at your disposal. There are many options for outsourced IT consultants who are certified in the latest technologies.
- A passwordless future – nobody likes passwords, they are inconvenient and a prime target for attacks. The future is passwordless, so users will never have to remember passwords or worry about hackers by simply using an authenticator app. This will create an easier, and more importantly, safer digital experience.
A secure environment empowers not just employees to do and create more, but also gives customers peace of mind to engage with businesses that offer a digital ecosystem they can trust. In the new digital economy, small and medium-sized businesses would be wise to strengthen their cyber-systems, and secure for themselves a safer and more prosperous future.