SMBs State of Cloud Data Security

Dror Liwer Blog

Small and Medium-sized businesses are often viewed as soft targets by criminals operating in the cloud. While it seems counterintuitive that hackers would go after smaller data caches or command ransom from those less likely to afford it, the lax security measures employed by the vast majority of SMBs leaves them extremely vulnerable. Effective cloud security for small business requires a diligent effort and the right level of customized support. 

The State of Cloud Security for Small Business in 2020  

Surveys have illuminated how unprepared many SMBs are when it comes to meeting cloud security threats in 2020. Data indicates that approximately a quarter of SMBs spend less than $1,000/year on IT and cloud security, and around half do not have a dedicated in-house IT security professional on staff. Additional alarming stats include the following:

  • One-third of companies with 50 or fewer employees rely on free, consumer-grade cybersecurity.
  • 1 in 5 small businesses have no endpoint security whatsoever.
  • 50% of SMBs surveyed said they do not provide employees with any cybersecurity training.
  • 60% of SMB owners believe they are unlikely to be attacked, but 18.5% have been victimized this year.

On the bright side, 80% of those surveyed acknowledged cloud security for small business as a “top priority” this year, so there is recognition of the problem and a desire to do better. After all, data breaches are costly. Just one cybersecurity incident can bring a small business to its knees. Once a breach occurs, a quarter of SMB owners will spend $10,000 or more to resolve the attack. More than half of SMBs suffered a blackout of 24 hours or longer to recover from the data breach. A quarter of SMBs lost business as a result, and about 40 percent lost crucial data.

Who is Responsible for Cloud Access Control and Security for Small Business?

Over the past decade, cloud computing has become the norm, with 74% of SMBs deploying at least part of apps in the cloud (Especially email in the form of Office 365 or G-Suite). Operating in the cloud is no riskier than with a traditional data center, but the responsibilities are shared between the cloud service provider and the cloud customer. Understanding the division of labor and finding a trustworthy partner becomes increasingly important.

Typically, SMBs are responsible for security tasks like:

  • Enforcing strong user account security measures like passwords and user account credentials (that are not to be shared), as well as training employees to avoid phishing attempts or unauthorized device use.
  • Revoking access privileges for ex-employees and ensuring that no data leaves the premises with them.
  • Controlling third party access and data sharing among business partners.

In a nutshell, user account security is typically on the SMBs’ plates.

A cloud service provider may handle some other tasks, such as:

  • Antivirus
  • Activity monitoring and logging
  • Blocking suspicious activities
  • Data encryption
  • Firewall hosting

Security providers vary in what protection measures are included in their packages. If you are looking for more comprehensive, hands-off cloud access control and security for small business, contact Coronet to learn all we can do for you with SecureCloud.