“My business is too small to be a target.”
This statement is common, and for the most part untrue. Hackers don’t care how large or small a network is–if they see it, and there are holes in it, they’ll try to get in. In fact, small targets are in certain ways even more appealing because their security is often weaker. Smaller companies don’t have the funds set aside to constantly monitor their networks and quickly shut down security threats like the larger companies might. This is related to a second common misconception:
“There is nothing on my network a hacker would want–if they get in, they’ll just leave.”
If you use credit cards or account numbers, there is plenty of stuff on your network worth getting. Even innocuous things, like passwords to email or facebook, can be great incentive for a spammer. It doesn’t take much for your network to be appealing, and if someone gets in, they’re certainly not going to ‘just leave’.
“If I install antivirus on my machines, it will protect me.”
This is also a common misconception, but antivirus software doesn’t typically protect anything but the computer it is installed on. Your network is still open to threats unless security measures are put into place. What’s more, there are many threats that utilize the human element. Phishing threats, where a hacker will send out emails pretending to be IT helpdesk or another trusted source and ask for passwords, are still sadly common. Make sure you train your staff to avoid these threats.
So keep in mind, security is important no matter what the size of your business. Never make the mistake of underestimating threats, and take network security seriously. Don’t become a victim–remain vigilant and monitor your network before security becomes a problem, not after.