How SMBs can diminish the risk of a data breach Perceived notions of 'high-cost investment', ignorance and a mindset 'who would target us' makes the SMBs, a hacker's goldmine. This perspective needs a re-set

By Karmesh Gupta

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur India, an international franchise of Entrepreneur Media.

shutterstock

For any economy, SMBs are the backbone. The intent to scale and grow faster generally makes business owners to invest money in areas where returns can be multiplied. Unfortunately, cyber security at the moment is not realized as an important element by SMBs. High cost of investment and the mindset "who would target us' can be cited as the key reasons to not incorporate healthy security architecture. Ironically, this ignorance makes SMBs, a hacker's goldmine. As an outcome, customers lose trust and marketing campaigns cannot repaint it.

If we in fact consider the numbers, a 100-people company can make itself safe by just spending 3K per person, per year, lesser than a yearly party budget of an employee. It is about a perspective change that needs to be built.

There are multiple ways a data breach can happen. Understanding all the aspects is necessary to diminish the risk by a large extent.

1. Office Network Attacks

Using a weakly-configured router at the gateway of LAN and WAN becomes the root cause of entry of any intruder. Once the network infra is accessible, any of the connected nods i.e. computer systems, servers, IP Cameras, IP-Pbx etc. are vulnerable.

SMBs must incorporate the use of Network Security Gateway like Firewall etc. with proper rules to ensure that intrusion becomes arduous. Typically, a firewall has gateway anti-virus, IPS engine, Sandbox which ensures that each packet coming in the network is safe. It also primarily helps businesses to connect their multiple branches via secured way through VPN. Features like Content Filtering and QoS help in enhancing the employee productivity by limiting their access to only work related content.A fire wall may cost around INR 75K for first year, and later annual renewals around INR 30K.

2. Website and Cloud-hosted Application Attacks

Due to the penetration of cloud technology, businesses mostly host their web and database on any of the prevalent platform like AWS, Google Engine, Azure etc. The instances have limited computing capacity and hence can serve up to a certain number of users.

Attackers may run a DDoS on the public IP of your server and as the request crosses the threshold value, system would go down. Similarly, there can be various types of attacks that can intrude in your hosted content.

Deploying a virtual firewall on the cloud instance takes all your worry away. Objective of Virtual Firewall is almost the same as a physical firewall. The cost could come around INR 25K.

3. End Point Security

Using Corrupt Pen Drives, Hard Disks, downloading free software or movies, clicking ads etc. generally results in the entry of a malware in your computer system. These malwares then have the access of your entire system and can steal and upload any confidential data (like banking details, mail and social media access credentials, financial documents, etc.) on their servers.

Next to the outside hackers, companies are also vulnerable from internal team members. Any of your employees can use a pen drive and take all important data to their home and may upload it publicly for vicious reasons.

Hence it is advised to use an End Point Security solution where a client file is installed onto all your end systems and a server file on the physical server or cloud. The IT administration can then granularly define rules for every individual system. For example, the IT admin may only permit the access of company owned storage devices on client machines. This basically makes any of the external storage devices non-functional, and hence the breach gets prevented.


The IT can block any kind of upload from client machine, which further helps them in preventing leakage of information in the form of mail and social attachment along with cloud upload. Similarly there are more than 90+ functionalities which can be applied as per the need and structure of organization.


End Points also helps in preventing you from ransomware via AV scanning, Patch Management and backing up your important system drives on the physical server or cloud.


Typically, the cost of EPS per machine for a year varies between INR 1000 – INR 1300 depending on the modules purchased. If you don't opt for an EPS, then at least a good Anti-Virus must be installed on all the systems. It costs around INR 400 per machine per year.

4. Attacks due to Improper Configurations and Loosely Patched Softwares or OS

Just deploying the above products may not mitigate the risk until they are well configured. Hackers may find the way to invade and hence vulnerability assessments should be exercised.

It is important to have yearly assessments and audits of your digital assets. This helps SMEs to learn about the open doors and related consequences. Based on the generated reports, the IT administration can work on to fix them and ensure tighter protection.

Any reputed cyber security service company would be willing to do the job for around INR 80K.

Karmesh Gupta

CEO & Co-founder, Wijungle

Karmesh Gupta is an Indian Entrepreneur and the Co-Founder and CEO of the Cyber Security company WiJungle. He was featured as the youngest recipient in Forbes 30 Under 30 Asia List (Enterprise Technology) of the Year 2020. Born and brought up in Alwar, Rajasthan, Karmesh started his journey in 2013 with Rajasthan Royals while he was in the second semester of his graduation. Later he worked with Lucideus as a Cyber Security Analyst before co-founding HttpCart Technologies in October 2014.

 

HttpCart became the first Indian private company to roll out a completely free wifi service in 2015. With time, the company shifted its focus towards cybersecurity and launched the World’s first Unified Network Security Gateway under the brand name WiJungle. WiJungle currently serves government and private giants globally and ranks among the top-rated Network Security Vendor as per market research firm Gartner.

Business News

'We're Not Allowed to Own Bitcoin': Crypto Price Drops After U.S. Federal Reserve Head Makes Surprising Statement

Fed Chair Jerome Powell's comments on Bitcoin and rate cuts have rattled cryptocurrency investors.

Leadership

I'm a Leadership Coach — Here's the One Mental Exercise Every CEO Needs to Try When They're Feeling Drained

Here's a simple, powerful exercise to help leaders refill their own "container" and cultivate self-care, resilience and compassion for themselves and others.

Science & Technology

This AI is the Key to Unlocking Explosive Sales Growth in 2025

Tired of the hustle? Discover a free, hidden AI from Google that helped me double sales and triple leads in a month. Learn how this tool can analyze campaigns and uncover insights most marketers miss.

News and Trends

Building the Future: How AI and Real Estate are Joining Forces for Smarter Investments

In 2024, the Indian real estate market size is estimated to be USD 518.5 billion and is expected to reach USD 856 billion by 2029, at a CAGR of 8.71 per cent. Real estate is the most preferred asset class for investment for over 59 per cent of Indians

Science & Technology

How Can Marketers Use ChatGPT? Here Are the Top 11 Uses.

With the recent developments in AI and the popularity of ChatGPT, you may want to integrate AI into your marketing practices. Find out how.

Marketing

5 Ways ChatGPT Will Impact Digital Marketing

ChatGPT is creating ripples across the digital landscape right now. Here are five ways it can benefit your ads, campaigns and marketing strategies.