Written by Steve Smith
A relatively large wave of London based indignation was felt last week, as respected business-service group Expert Market named Edinburgh as the best city to launch a start-up business in the UK, with London coming in a surprising third place. Along with Bristol, Brighton and Liverpool making up the top 5, these start-up friendly cities are alive with the buzzing of new start-ups launching and keeping afloat.
As well as the usual successful start-up standards of having a great idea, putting in a lot of hard work, proprietary processes and having driving force of personality, these successful start-ups also need to keep an eye on the boring stuff – return on investment, document processing, human resources and the oft ignored IT Security.
But why do start-ups need to take IT Security seriously?
Threats are everywhere and it’s certainly not just huge companies that are at risk. These massive multi-nationals tend to spend vast amounts of time and money on their security. Whilst there are exceptions to the rule, hackers can be lazy. Why go for the fantastically protected organisation, when you can cause maximum havoc on a less protected business? It’s like the burglar walking down the street where one house out of twenty has an alarm. Guess where he’s going to spend his next hour? Start-ups need to protect against Ransomware and data breaches, amongst other threats. Being a small business is no protection.
Starting up a business is costly. When you are launching a product or service, you are also launching a brand, website, media campaign, travelling a lot, employing quality people, etc. The last thing you want to do is to spend money on software that you can’t even see. You’ve just spent a fortune on the best hardware and furniture, so the kitty doesn’t look as full to bursting as it used to.
Being an Aberdonian, who has started a couple of businesses in the past, I can empathise with this attitude, but I’ve always known deep down that not being secure can be a hell of a lot more expensive than doing things correctly. A typical Ransomware attack will cease on a Bitcoin payment of £10,000. A full suite of security software costs around £6 per employee per month. The definition of no-brainer.
You probably aren’t using a work PC and a home PC due to the cost. You’re a start-up, so every penny is a prisoner. Do you need a laptop at the office and one in the house, or can you get by with one? Of course you can get by. The problem with this situation is that the wider the use of a device, the more open to threats it becomes.
Consider what you would do on a home computer that you wouldn’t do on a work one – streaming movies or box sets, accessing personal email accounts without strict filtering, letting the kids log on to their social media accounts… A large number of legitimate websites have been compromised over the years with malicious advertising, so the “I’ll get by with one device” strategy isn’t a failsafe by any means.
Start-ups are rarely brought to market by technological luddites. Your general cave dweller who still uses a video recorder isn’t your usual start-up guru. If you start a business from scratch, you tend to be an early adopter of ideas and technology. You are someone who has not only embraced Internet of Things, but have invited it to stay the night and promised to respect it in the morning. Your new office has a Nest Thermostat, an Amazon Echo, Philips Hue Lighting and a Samsung fridge that tells you it’s ran out of Irn Bru. And they are all connected to the internet and all have wide open security issues that could infest your network at any point.
You’ve spent years to make sure that your product is superb, your processes and people are all on point and your marketing can be praised to the high heavens by your prospective customer base. All is going well and your business is being mentioned in the same breath as Skyscanner, Mashable and FanDuel. What could possibly go wrong? You lose your data. All your data. Your client information, your financial information, maybe even the recipe to your special sauce. All gone. As is your reputation. Your business is now being mentioned in the same breath as Solyndra, BetterPlace and Amp’d Mobile.
Start-ups aren’t the only businesses targeted by hackers, but they are especially vulnerable. If you are involved in a start-up, or know someone embarking on such a journey, just a quiet word about security may be all that is needed to ensure they protect themselves adequately. At Shackleton, we have years of experience advising clients how to best protect their infrastructure. We’re happy to advise any business that wishes to do this and especially keen to support those brave entrepreneurs taking a big first step. Feel free to give us a call.