Customer data is the most important asset for many small and medium businesses.

It is closely guarded intellectual property around which competitive advantage is built.

Given the commercially sensitive nature of this information, reputations are closely tied with how it is secured.

A data breach can ruin hard-won reputations and irreparably damage trust, which may never be regained.

A law firm, for example, which is custodian of highly sensitive client information, should be particularly careful, as a major data breach is a disaster from which a firm may never recover

Those small-to-mid size firms that may not have the budget for a dedicated IT professional can’t take data security for granted, because they’re in the sights of hackers.

What are the threats?

They come in many forms, but two prevalent approaches are phishing and social engineering scams.

The worst part can be the feeling of powerlessness that comes with being a victim of an attack, as it’s very difficult for the police to investigate, and there’s often no justice.

So prepare a defence. Do not compromise on the security of your data and IT systems.

The varying approaches taken by hackers call for a holistic approach to system security.

In a phishing case, the scam is as simple as sending a mock login page from a third-party service provider, such as email marketing platform MailChimp, to obtain the login and password.

This style of attack can be thwarted by two-factor authentication on the account.

But social engineering scams are more sophisticated – they can often take on the proportion of a Hollywood spy thriller.

Hackers will work out the identity of a purchasing officer, for example, and then craft a doctored email requesting payment from a supplier.

Or they might send an internal email in the guise of another employee with malware attached that will provide access to the company intranet.

That malware may infiltrate a PC’s Basic Input/Output System – the program that starts up a computer and manages inputs such as the keyboard and mouse – and give the hacker complete control over the machine.

It could also infiltrate the company’s printer system as a backdoor to the main network.

The threats come in many forms.

How do you protect yourself?

Industry leading PC manufacturer HP has in-built security features such as SureView, SureStart and SureRecover that offer users security from malicious attacks in its Intel-powered Elitebook range.

These systems protect above, in, and below the operating system by reducing the visibility of your screen, providing automatic protection from a BIOS attack, and offering an immediate re-image of your operating system in the case it is corrupted.

But this isn’t enough – a holistic approach is required.

Employees should be aware of the threats that hacking pose to businesses and must be drilled on actions to take in the case of an attempted attack.

Independent IT solutions provider NEOS offers cost-effective, fully integrated security systems that encompass hardware, software and education and operate seamlessly with their clients’ business operations.

These solutions aren’t a choice, they’re a necessity. Don’t leave your business vulnerable to attack. Visit www.neos.co.nz or call on 0800 022-123.