Owner-managers have many things on their mind but IT security needn't be one of them
As an over-worked owner-manager you may not have heard of the term "perimeter protection" but you are almost certainly used to it. If you regularly check to see that your antivirus and firewall software are working properly and up to date then that's perimeter protection. These are the things that keep the four walls of your office and its technology safe, isn't that right?
Well, it kind of is. Or was. In recent years things have moved on a bit. The disturbing thing is that the way people go about protecting their technology hasn't really kept up with it. And one of the things that is changing radically is the blurring of what is inside and what is outside your company's perimeter.
This is due to a couple of factors. The first can be broadly described as "consumerisation" (commonly known as "BYOD"). This is the process whereby a lot of employees, particularly younger ones, turn up to work and assume they can use their own smartphone or tablet computer. In the majority of cases this is a good thing. If someone is willing - enthusiastic even - to donate time on their £500+ smart device for your company rather than you having to provide them with one yourself, fine. If they want to use their own laptop rather than ask you to pay for one, terrific - you can divert scarce financial resource elsewhere.
The only thing is, the perimeter of your organization in IT terms is no longer limited to the equipment you own. It now extends to your employees own personal equipment. Furthermore, they will most likely have different operating systems and technologies than the machines you've already acquired for use in the office.
A second issue is flexible working. The concept of allowing people to work remotely on their own equipment or saving to a shared drive sitting remotely in the cloud has made workers vastly more productive. Like the consumerisation issue this is to be welcomed but once again, it reduces your control and even your awareness of where your business perimeters actually are.
Naturally this translates into increased risk and an IT management headache. Yet it can be easily addressed. It is still possible to protect your extended perimeter, it just needs a different approach. The question is do you as an already over-worked small business owner have the time to address it and manage it yourself? Using applications and security based in the cloud and administered by experts, such as your local IT specialists, makes this process simple. Ultimately any computing device - whether your own or your employees' connecting to your business through a hot spot or a private network - can be secured and managed via the cloud.
This can be very handy if your business suddenly grows. Maybe you have your perimeter security nailed down but then you merge with another company. Maybe you buy them outright. Or perhaps you expand into a second office location, or start using interns who want to use their own technology. With the old perimeter system this involves a lot of work updating all the security measures. You almost certainly would not want to have to do it yourself.
A good starting point is for an IT specialist to look at your business and find out exactly where your perimeter actually is by now, and where it's going to be. The specialist can then make recommendations which are the right shape and size for the sort of business you run rather than some generic, cut-down enterprise solution or scaled-up domestic security offering. They can also manage your IT systems for you. It's all about finding the right level of support for the business you manage.
Don't misunderstand: security is more important than ever and the perimeter of an organization is the most vulnerable point. The danger is when a company acts as if a 2012/13 perimeter is the same as it was in 2005 or 2000, before smartphones, tablets and flexible working took off. The perimeter has moved, and switched-on security companies like AVG, working with IT service professionals, have responded.
The objective is to make your business completely secure at marginal cost with minimal IT overhead- and leave you to run it for profit and pleasure without worrying too much about the underpinnings.