Home Articles & Features Top IT Security Risks for Small Businesses in 2018 – and How...

Top IT Security Risks for Small Businesses in 2018 – and How They Can Protect Themselves


Being responsible for a business’ IT in the 21st century is not for the faint of heart; there are a myriad of external and internal threats to consider, with more to think about each day. To make things easier – and help to combat that uncertainty – we’ve collated the top 5 risks to your business’ IT you’ll face in 2018. Read on and prepare yourself for the year ahead:

1. Bring Your Own Device

Remote working and hot-desking have become staples of the modern office environment, bringing with them the Bring Your Own Device (BYOD) culture. To small business owners, BYOD can be a cost-saving dream come true, with employees providing their own machines to work on.

The reality, however, comes with far more risks than many owners first anticipate. What they’re welcoming into the workplace are machines over which they have little to no control – they are, after all, personal devices belonging to employees, who use them at home and when out and about.

The risk here is threefold: the device (especially mobile devices) could be stolen or broken outside of the workplace, the antivirus or software may not be sufficient to protect sensitive data, and if an employee leaves, it’s difficult to police what information remains on their device.

2. Out of Date Everything

As WannaCry demonstrated in its headline-grabbing attack on the NHS, keeping systems updated is absolutely essential to close any potential backdoors left open for lurking threats. The trusts involved in the ransomware attack had neglected to update their operating systems, meaning there was no longer any support should anything go wrong, as well as an exploit to make sure things did go very, very wrong.

It’s not just giants such as the NHS who come up against this issue, however: small businesses (especially those embracing BYOD) are forgetting to keep operating systems and antivirus up-to-date, putting their entire IT offering at risk.

3. Insufficient Understanding

Not all threats to IT are external, with a lack of employee training responsible for many accidental mishaps. Yes, your own people could be putting systems at risk, though unintentionally. This can involve anything from accidentally opening a malicious email containing a virus or spyware, to purposely avoiding software updates on their device, or attempting to fix an issue by themselves.

4. Doing it Alone

As we’ve become more tech-savvy in our everyday lives, more and more small businesses have opted to put an employee in charge of their IT – despite not having the formal training necessary to adequately protect from threats.

Although initially sounding like a good method of cutting costs, this decision actively puts customer data and the business’ systems at risk, whilst piling undue responsibility onto an employee who already has another role within the company.

5. Don’t Know Your Enemy

If the last few years have taught us anything, it’s that businesses don’t necessarily understand what’s out there, threatening their business until it hits the headlines. They simply don’t know which viruses are currently in circulation, or what to do when ransomware strikes, or even why someone would target them.

What’s more, not every threat is reported on in the news – only the ones that affect large institutions or cause a huge scandal – leaving them even more at risk of being surprised by an unknown threat they have yet to hear about.

How Can Small Businesses Protect Themselves?

If you weren’t nervous about your IT before reading this article, it’s almost assured that you are now! Fortunately, keeping your IT safe in 2018 isn’t an impossible task, and there’s a straightforward solution too: outsourced IT support.

By investing in third-party IT support, small businesses are protecting themselves, their customers and their employees without having to invest in costly in-house teams and full-time employees. Instead, they can have the level of support they need, without having to worry about developing threats or leaving IT in the hands of Simon from accounting.

This article was written by Neil Haydock, the founding Director of CNi Solutions a specialist in Cyber Security

Send us your news

Add a link to your business