Most, if not all, small to medium-size businesses have an IT strategy but according to recent research, only 14% of them can honestly rate their plan as ‘effective’.
In truth, many SMEs are convinced a cyber attack won’t happen to them because they are ‘too small’ and therefore the plan will never need to be executed. In reality, no business is too small to be targeted.
43% of all cyber attacks are aimed at small businesses.
What your business can be too small for, is recovery. In fact, 60% of small businesses hit by a cyber attack are forced to close their doors as a result. So, is your IT strategy just a piece of paper that ‘ticks the boxes’ or is it an effective plan that has the elements you need to protect your business?
Does your IT strategy cover compliance?
Compliancy has always been a requirement of every business – some more than others. Healthcare agencies and law firms, for example, have their own hoops to jump but with the introduction of GDPR back in 2016, all businesses are now accountable for their client’s privacy – even if they only hold an email address.
With stiff fines on the table for non-compliance, you must take the appropriate measures to meet GDPR and other compliance requirements associated with your business. What’s just as important is that the measures you take are documented as part of your IT strategy as evidence of your compliance.
Is it on paper?
Your IT strategy needs to be a physical document. Having an anti-virus solution and good intentions is not enough to protect your business. A good strategy should include your cyber security plan, backup and recovery plans, business continuity plan and routine device checklist.
If you work with a managed services provider, a chunk of this will be taken care of for you.
Does your IT strategy cover remote workers?
In current times this should be a key consideration. With more remote working taking place than ever before, this is an element that even those businesses with robust IT strategies may need to re-visit.
Any remote workers you may have in your workforce are a new type of vulnerability and slightly different considerations need to be taken to office-based workers. Your IT strategy should cover remote device security, remote working tools and access, and cyber security awareness staff training.
Do you have clear employee policies?
Your IT isn’t just the responsibility of your IT manager or IT service provider, those who are using tech need to be involved too.
You should have clear, documented Access Policies, Remote Working Guidelines and Acceptable Use Policies with signed copies held on employee files. Having this formal guidance in place will, not only protect your network and equipment but can protect your reputation too.
Jupiter IT – your IT department.
At Jupiter IT, we give our clients invested support and managed IT services. We are more than an IT provider; we offer advice and consultancy. Every client is an individual, and we only offer solutions that are right for them.
If you’d like to learn more about our unique IT contracts, give us a call; we’ll give you a free audit of your systems and a rundown on how we can make your IT better.
“When it comes to an IT partner you need trust, experience and expertise; with Jupiter IT, we have all three”
– Hull City A.F.C