Managing Your IT Risk

Winston-Salem, NC 11/19/2017

Symantec's Internet Security Threat Report 2017 lists small businesses as the target of 31% of all cyber attacks in 2016, up from 18% in 2015. 

"While it can be argued that the rewards of attacking a small business are less than what can be gained from a large enterprise, this is more than compensated by the fact that many small companies are typically less careful in their cyber defenses."

These days, all businesses rely and benefit from information technology (IT) like computers, the internet, and even mobile telephones.  IT provides huge advantages in efficiency but can also create exposure to some very serious risks.  Large businesses have teams of IT people making sure they don't run into trouble.  Small businesses, however, don't have the same resources and therefore have to choose what they can reasonably address. 


Here are four IT risks that small businesses can address easily and without great expense.  Start with these and you'll be in much better shape:

  1. A hardware firewall appliance can add important protection. 
    Risk: When you are connected to the internet there is always the possibility that an intruder can gain access to your systems and compromise vital information.  Routers and modems offer only moderate protection, at best. 
    Mitigation: While not foolproof, a separate hardware firewall device provides an additional layer of protection for all your equipment and applications.  SonicWall, for example, provides options for added security at a reasonable cost.
  2. Maintain anti-virus / security software on all your computers. 
    Risk: Most computers now come with temporary anti-virus software installed, such as Norton or McAfee (Microsoft's Windows Defender, provided as part of the operating system, has not been adequate).  Regular updates to new virus definitions are a must to reducing your vulnerability.
    Mitigation: Software and virus definition files must be kept up-to-date.  Usually, this means anti-virus software on each of your machines.  Some vendors offer "management" capabilities so changes, updates, and upgrades get done without having to visit each computer.  There are also services that you can purchase to detect and avoid viruses, phishing, and spam for your whole office.  SonicWall and Barracuda, for example, offer these services as optional additions.  These only work inside the firewall - taking a laptop on the road still requires anti-virus software installed on that machine.
  3. Keep your operating system (OS) and other software up to date. 
    Risk: Despite everyone's best intentions, software (such as Windows and other applications) is released with bugs.  These bugs can allow the bad guys to install software to collect and steal sensitive data such as password or financial information.
    Mitigation: Updates and security fixes are regularly released by OS vendors - but they don't do any good if you don't install them.  Many are not automatic!  Get in the habit of regularly checking for and installing security updates.
  4. Back up your data regularly, and check that it works properly. 
    Risk: Computers do break down (often at the worst possible time), and you can lose access to your data when that happens.  Losing a day of financial transactions is an inconvenience, but losing a week/month/more could bring your business to its knees. 
    Mitigation: (1) take backups regularly and often; (2) verify the backup as soon as it's complete (a bad backup does you no good); and (3) keep a copy in a different location from the computer (don't lose your backup and your system at the same time).  It's often difficult to do this regularly and for all important systems.  Consider a comprehensive, automated solution such as Carbonite or Mozy (online backup services) or Barracuda (in-house or online), among others. 
  5. There are other things you should be doing (such as protecting your Wi-Fi network from intruders or ensuring that passwords are secured) but the four items described above will address some of the high-priority risk factors.  There are many vendors and solutions out there and the possibilities change constantly.  The specific software, hardware, or services that you implement depend on your particular situation - you should review it annually with your IT service provider.


Most importantly, please contact our agency so that we can help you analyze these complex coverage issues for your business. It’s always best to double check your specific situation and coverage needs.

Contains excerpts from Jon Seidel, EDC Consulting, 11/11/16.

View All News Articles

What Our Customers Say!
Fletcher, I wanted to just send you a note to let you know how thankful we are to Linda Welborn for all of her work on our homeowner's and auto policies. This is the first time I can honestly say that someone took the time to explain the different levels of insurance to me and discuss what we actually needed, rather than what they wanted to sell me. I learned so much from this experience! In addition to the "education" she provided, she provided a proposal to us very quickly and was able to finalize everything in a very timely manner. We are thrilled to be working with your team going forward! Sincerely, Laura Blythe
Laura Blythe

Read what others have to say.

What's New

Why every Board of Directors should carry D&O Insurance


Directors & Officers Liability insurance provides coverage for your own “wrongful act” while performing duties as a Director of Officer of the insured entity, or the "wrongful acts" of other board members. 

Why Do You Need Director’s & Officers Liability Insurance?

While an organization is legally permitted to cover the costs incurred as a result of personal liability stemming from the activities performed on behalf of the organization, this ability, called indemnification, may not apply to every situation.  The director or officer may become personally liable in their duties performed for the organization.

Read More »


What You Should Know About Rental Car Insurance
There are some very serious contractual gaps in coverage for rental vehicles. Even if you purchase their Collision Damage or Physical/ Loss Damage Waivers, many rental car contracts exclude the following:
  • Theft of the Vehicle
  • Tolling, or Turning the Vehicle Over
  • Lease Gap coverage
  • Loss of Use
  • Glass, Tire and Undercarriage Damage
  • Animal Collision
  • Flood and Hail Damage
  • Damage above the Windshield
  • Individuals who rent personal vehicles for extended periods and do not have a Personal Auto policy in force
  • Drivers who rent, and do not own another vehicle insured elsewhere, need to be expecially careful here
Read More »


5 Types of Cyber Criminals and How to Protect Against Them
Understanding the types of cyber criminals and their techniques can help protect your organization from a data breach. Here are some common threats and steps a business can take: 

Read More »