Security's Everyman

Security's Everyman

Friday, November 10, 2006

Small Business IT

InformationWeek has an article about a survey that reveals that a lot of small businesses leave data vulnerable. A lot of the survey respondents have no real data recovery plan in place for data stored on desktops and laptops. Many of those who do have a plan are still storing the data in ways that leave it vulnerable to loss and possible misuse.

What really caught my eye about this is this quote by Kiyoshi Maeda, Verio president and CEO "Given the affordability and easy deployment of some of today's PC data backup and recovery solutions, it's surprising that such a large number of small businesses leave their data exposed and at risk,". Obviously he has never owned or worked for a small company. There are many, many, many companies out there who can barely afford what little technology they have. They have no IT staff or their IT person is whoever could spell PC when they first got computers in the office.

When I did my stint as a consultant I spend lots and lots of time talking with small businesses who needed the services provided my my company but could only afford an hour or two a month. And our rates were VERY cheap compared to major metro areas of the country. When we did get into many of these companies to help them out we ran into all sorts of issues related to old equipment, expired support contracts and subscription services for AV and such. Getting these companies up to a decent level of usability was often a very slow process as they could not afford to spend money to buy what was needed. When they did it was often in small chunks here and there.

A couple of weeks ago Martin McKeay posted (sorry about not linking I can't find it on his site) about the NAC debate being almost not worth his time keeping up on because his company couldn't afford a NAC solution. He said that they were lucky to keep what they had up to date with support contracts and such. This is what much of small business America faces. It doesn't matter how cheap or easy technology is to use if you can barely afford to pay normal bills. I know it may be cheaper than the loss incurred due to a virus, data loss, network failure, etc... but that is just the reality of how many business have to live.

3 comments:

McKeay said...

Andy, the link you were looking for was to "Cisco is going to die and roll over Crossbeam, crushing them!"

http://www.mckeay.net/secure/2006/11/cisco_is_going_to_die_and_roll.html

Andy, ITGuy said...

Thanks Martin!

LonerVamp said...

I love this post! I know I'm late, but I'm just reading some of your earlier posts.

I think one of the problems is security and IT are only truly managable by companies with money to spend. Far too many smaller outfits (even companies as "large as a few hundred people) have inexperienced, shotened (as in only affording a few hours a month), or no IT support, and as such, even less internal IT set up.

This is similar to why home users can be so insecure and a big part of botnets and such.

For all our strides in IT and security, it will still take decades to raise up the average bar across so many people...and all the while, software and hardware will continue to get old and dated.

This means more emphasis on open source products and applications that can run with less resources (typically Linux). But as you strip away the shiney GUIs and ease-of-use of devices, the cost of IT people to support that stuff tends to go up.

At least there's job security!

Creative Commons License
This work is licensed under a Creative Commons Attribution-NC-SA 3.0.