- Community Home
- >
- Servers and Operating Systems
- >
- Servers & Systems: The Right Compute
- >
- How to make a small cybersecurity budget work for ...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Receive email notifications
- Printer Friendly Page
- Report Inappropriate Content
How to make a small cybersecurity budget work for your business
Digital security and financial efficiency don't always get along, and it's almost always up to IT to patch the relationship. The pressing need to stay safe has forced C-suite IT execs in every industry into an increasingly vocal role as they present, pander, and plead for more money to spend on security. This work-social dynamic has trickled down to the small and midsize business world, where cybersecurity budgets are even smaller.
Whether your company's financial decision-makers have already declined your proposals or you're pretty sure they're going to, the security needs that forced your request are still there. Worse, there's a chance you'll shoulder the blame if your company is hit by a breach, no matter how hard you tried to secure funds beforehand. Telling your boss "I told you so" is usually a terrible idea, so implementing affordable security measures is one of the best skills an IT professional can have when it comes to personal and career development.
Mitigate the biggest risks
Remember the first rule of security: you're always at risk for a breach. Identifying and covering your biggest vulnerabilities should be your top priority. If you can't replace a weak fence, you should at least patch its biggest holes.
Companies that are extremely reliant on the internetโthose that use multiple critical cloud-based technology tools, for instance, or that host a large web presenceโare especially vulnerable. Fifty-eight percent of cyberattacks target small businesses, Security Magazine reports, and that might prompt you to spend what little money you have on improved firewalls and network appliances. Companies that handle a lot of personally identifiable information about their customers, on the other hand, may invest in extra access or security training for reps in an effort to reduce the effectiveness of social engineering attempts. Others may use their existing budget to bring in a consultant for a one-off brush-up. In this case, doing anything is better than nothing.
Harden and enforce
You know the value of data security education, but setting strict policies is just as important for working within your cybersecurity security budget. If you have the support from your higher-ups, institute a policy that work devices and networks are for workโand only for work. Such a policy might seem draconian, but it can prevent major headaches, especially when used in conjunction with affordable monitoring and blocking tools.
Ransomware, CNet says, shuts down one of every five SMBs it hits, so preventing it is paramount. Take, for example, Locky, a nasty bit of ransomware that, Fossbytes writes, used Facebook Messenger to infect businesses. In cases like this, instituting a policy instructing people to stay off Facebook at work or on work devices will have some effect, but backing it up by blocking the site and the Messenger app to match the policy will keep all but the most determined away.
As basically everyone is on Facebook anyway, this move also invokes the idea of mitigating the biggest risk. Should you hear grumbling from the staff, an office-wide email on just how dangerous (and costly) ransomware can be should silence it. Explaining the risk in personal termsโ"Do you really want our payroll data to be irreparably encrypted? Do you want to risk carrying an infected file home on your thumb drive?"โcan also be effective.
Backup, restoreโflex pay?
Instilling a backup plan within the parameters of your cybersecurity security budget can be a bear if you don't have the facilities in place. Here, a hybrid cloud setup using pay-as-you-use tools could be effective, as can hardware vendors with flex-payment options. Consider, too, that presenting solutions with more flexible payment schemes after asking for a security budget you know you won't get is a staple of effective workplace psychology.
Assume physical loss
There are few easier ways for attackers to get at sensitive data than to literally pick it up off the ground. Planning for loss and theft should be a major part of your plans for cybersecurity, regardless your of industry or budget.
While you can't just shrug your budget away, you can make use of affordable tracking and remote-wiping tools for business and business-touching hardware, like employees' personally owned devices. Many products come with this capability out of the box, assuming you take time to set it up. If you haven't, make today the day. Master data management tools make this possible even on employee-owned devices. When combined with policies that require strong passwords or PINs and automatically exclude malicious apps, these tools can reduceโor even removeโsome of your biggest security concerns.
Good security is costly, but SMBs can't let a cybersecurity budget consume their tech spending. Even if you can't secure more funds for bigger, safer solutions, you still can protect your company and your professional reputation. Remember that even the best-funded security efforts can't defend against every vector. But if you're crafty, committed, and frugal, you can still put up a good defense.
Ready to take the next step? Check out the SMB Hybrid IT for Dummies Guide. Because there are no dumb questions!
Are you ready to purchase? Visit the HPE Store.
Robert Checketts
Hewlett Packard Enterprise
twitter.com/HPE_Servers
linkedin.com/showcase/hpe-servers-and-systems/
hpe.com/servers
RobertChecketts
Robert has over 25+ years of IT Marketing and Product Management leadership experience spanning country, Regional and WW organizations. Robert is a marketing executive with extensive experience in field marketing, channel marketing and product marketing on a global basis and is driven to deliver SMBโs end-to-end affordable infrastructure thatโs secure from the start, optimized for every workload, packaged for many consumption models, ready to scale, and easy to manage.
- Back to Blog
- Newer Article
- Older Article
- Dale Brown on: Going beyond large language models with smart appl...
- alimohammadi on: How to choose the right HPE ProLiant Gen11 AMD ser...
- Jams_C_Servers on: If youโre not using Compute Ops Management yet, yo...
- AmitSharmaAPJ on: HPE servers and AMD EPYCโข 9004X CPUs accelerate te...
- AmandaC1 on: HPE Superdome Flex family earns highest availabili...
- ComputeExperts on: New release: What you need to know about HPE OneVi...
- JimLoi on: 5 things to consider before moving mission-critica...
- Jim Loiacono on: Confused with RISE with SAP S/4HANA options? Let m...
- kambizhakimi23 on: HPE extends supply chain security by adding AMD EP...
- pavement on: Tech Tip: Why you really donโt need VLANs and why ...
-
COMPOSABLE
77 -
CORE AND EDGE COMPUTE
146 -
CORE COMPUTE
130 -
HPC & SUPERCOMPUTING
131 -
Mission Critical
86 -
SMB
169