Are you one of the many accountants whose systems are vulnerable to catastrophic outages?
By Rick Telberg
Special for HP
HP/CPA Tech Advisor
News and Trends Exclusively for CPAs from HP
Losing computer system data can be financially devastating, and small and medium sized businesses are vulnerable to the point that their very existence is at stake.
The events that can damage computers and rob businesses of their data are expanding faster than technology itself. Here are just a few: fires, explosions, computer viruses, hackers, disgruntled employees, sprinkler alarm malfunctions, vandalism or theft, tornadoes, earthquakes, blizzards and forced evacuations, such as what occurred during the Anthrax mail scare shortly after the Sept. 11 terrorist attacks.
SMBs unprepared for such threats can suffer dearly. The American Red Cross estimates that at least 40 percent of SMBs never reopen after disasters such as floods and tornadoes, and in many cases its because they failed to protect customer information, financials and other key data that had been in their computer systems.
Just because your offices are not in an area prone to tornadoes or heavy rain, don't think your data is secure. The threat of a direct technological attack is greater than ever.
A whopping 53 percent of computer security executives surveyed in 2004 by the Federal Bureau of Investigation and the Computer Security Institute reported that there was at least one unauthorized use of their organizations' information systems in the past year and close to 60 percent reported virus attacks. A more recent study by a digital security firm found that during the third quarter of 2004, the number of technology security events jumped 150 percent over the same period in 2003 fueled by "more sophisticated hackers writing better code."
Large well-capitalized corporations are investing millions of dollars to fend off hackers and the viruses, worms and other "malware" technologies popping up almost everyday. Still, in some cases, technology break-ins just cannot be effectively countered as 12 percent of the companies in the FBI-CSI study experienced more than ten computer security incidents.
While SMBs are not the victims of direct attacks as often as larger companies, there are at least three frightening reasons for them to be concerned: First off, smaller businesses are often the end part of larger attacks, including Internet worms or credit card theft scams. Secondly is the simple fact that as larger, highly capitalized companies invest in tighter technology safeguards, attackers will increasingly look at the less expensive systems that are easier to break into.
And all companies are subject to data loss caused from within their organizations by disgruntled employees breaking into systems to intentionally wreak damage or by happy campers making honest mistakes. Gartner Group once estimated that employees are responsible for more than 70 of the unauthorized access to businesses' information systems. For SMBs relying on the traditional method of having employees backup their PCs or duplicate computer data to tape once a day, the only way to eliminate all risk is to have them do that backup 24 x 7.
Unfortunately, even insurance is not an answer because while it covers the loss of physical assets, it often excludes the even greater asset of the computer data that represents an SMB's pooled knowledge and often it's future. It's up to SMB managers to make sure that data is kept safely.
