When comparing SMEs and large enterprises on security, one element is common to both: they use their IT infrastructure to conduct their business and are therefore exposed to the same security threats. How each of them goes about handling those threats is a totally different story.

While large enterprises tend to handle security rather well, most SMEs still look at security as a far-fetched, unnecessary cost and headache. Because of budget constraints, some would simply throw in an antivirus and a firewall and assume they are secure. The security threats for SMEs are even greater nowadays with the pervasive use of the internet, the advent of cloud computing, and the new BYOD (Bring Your Own Device) tendency.

A fellow CISSP from WatchGuard® wrote an interesting whitepaper on the Top 10 Security Challenges for SMEs, which also proposes ways to mitigate the threats it exposes.

Furthermore, the services offered by SMEs are similar to those offered by large enterprises, and SMEs tend to allow Internet access for every user and remote access to information systems (emails, intranet, applications, etc.).

With this in mind, SMEs need to change their mindset. Security should not be viewed as a low-priority, unnecessary cost, but as an essential cost of doing business, and it should be given the appropriate priority.

