bizEDGE New Zealand logo
Story image

Simple tips for SMB security

07 May 2012

SMB owners are almost always short of time, and that can make prioritising tasks like security a real challenge.

However, by taking care of the simple things like keeping their software updated, SMBs can still protect themselves from the majority of attacks, according to AVG security advisor Michael McKinnon. 

"Most SME owners are time poor and so security ends up last on a long list of things things to do,” McKinnon told Start Up. "I would really like to see them stop and think proactively from time to time.”

Traditionally businesses have thought of security software as being the moat around the castle, McKinnon says.

"They need to understand that hackers and spammers are now using hang gliders and pole vaults to get over that moat.”

All joking aside, McKinnon points out that the first, not to mention the easiest, step in keeping your company system safe is ensuring your devices are all running up to date software, especially when malware masquerading as antivirus is an ever-increasing problem.

"Fake software looks legitimate but also looks very generic,” McKinnon says."If you are keeping up with your updates, it will be easier to spot the fakes.”

McKinnon also disputes the worry surrounding the BYOD phenomenon. 

"BYOD is not new for SMBs, what’s new is what we can do with the devices and the potential access to files through those devices. The question becomes how do you safeguard the information?”

Ensuring all devices are password protected is the first step, followed closely by making devices traceable. Both the iOS and Android operating systems have a variety of apps available to do just that. 

"The solutions are there,” McKinnon says, "it’s a matter of taking advantage.”

Around 40% of companies only find out their system has been compromised when a client alerts them to the breach, and McKinnon advises listening closely when clients point out anomalies with your site.

"If a client calls you saying they have only used their credit card once and they are being repeatedly charged for transactions on your site, you need to start listening closely.”


  1. Keep your system up to date
  2. Insist on up to date protection on all devices accessing your system
  3. Protect mobile devices with passwords and apps for tracing lost or stolen devices
  4. Listen to your clients.