IT Support &
Business Software

Perception vs. Reality – IT security for SMEs


When it comes to IT security, there is a large discrepancy between perception and reality. This is particularly true among smaller businesses. In the UK, SMEs account for 99.3% of private sector business and contribute £1.8tn to the economy.

It is not surprising therefore that they are an attractive target for cyber criminals. Despite this, 82% of companies it-securitybelieve they are too small to be targeted by cyber criminals. In reality, 92% of hacking incidents in 2014 related to SMEs.

According to a report by the Federation of Small Businesses, cyber-attacks cost the UK economy around £5.26 billion a year. Moreover, small businesses are hit hardest. An attack can be costly in terms of restoring your systems, data loss, potential reputational damage and risk to your clients’ systems.

So with increasingly sophisticated cyber-attacks, how can you protect your business?

IT Security Checklist

As always, prevention is better than cure. We advocate a multi-faceted approach to securing your systems, taking into account your software, hardware, policy and education.

Whilst the list below is not exhaustive, it provides a good starting point:

  • Patch Updates: Microsoft and other software vendors regularly issue patches to secure vulnerabilities, fix bugs and improve features. Deploying these patch updates quickly fixes vulnerabilities which may otherwise be exploited by cyber-criminals. Patching is arguably one of the most important aspects of your IT security strategy.
  • Antivirus software: If you are using the internet, email or transferring files, your computer is exposed to malware. Antivirus software helps protect against these threats. Whilst there are numerous products available, we recommend Trend Micro. This software offers heightened levels of protection, without affecting user performance or speed.
  • Firewalls: Sitting at the gateway to your systems, firewalls inspect all data passing in and out of your network. They help to identify and block unwanted traffic. Depending on your budget and requirements, the specification of firewalls varies significantly. We are therefore happy to discuss options available.
  • Email: 91% of attacks start through email via phishing or spear-phishing. Attacks are becoming more sophisticated and difficult to detect. In particular, impersonation tactics are used to steal credentials and company data. There are however Cloud solutions, such as Mimecast, that offer targeted threat and malware protection. These remove threats before they reach your network.
  • Policy: An effective IT Policy will help employees understand what is acceptable practice. Policies should address password privacy and management, regular patch updates and restricted administrator access. In addition, they should provide guidance on internet and email usage.
  • Education: Raising awareness of IT security will help employees react appropriately when exposed to a threat. In fact, employee education is one of the most effective ways to enhance your company’s overall IT security strategy.


Cyber security for small businesses will become even more important when GDPR comes into force. The new law will see companies fined up to €20m or 4% of their annual turnover, if found to inadequately protect customer data.

In summary, SMEs are a prime target for cyber criminals. This is not only because of their weaker defences but also because they are an attractive route into larger companies with whom they work. Whilst small businesses are starting to appreciate the implications of cyber-attacks, many still have a lot to do to secure their systems. Putting steps in place to protect your business now can avoid future reputational damage, data loss or fines.


Client Testimonials


Josie Sullivan Leroy Reid & Co

Very helpful in supplying the system required with very little down time. Personable and professional in guiding us along the right path. Nothing is too much for them.

David Halloway Southern Testing

Support with a sense of fun!

Carmel Clarke Kingswood Controls

Professional and extremely helpful. PCR will go above and beyond to resolve any IT problems that you may have.

Max Somper Metamark

PCR are very much on the same page as ourselves. They're very flexible, pragmatic about response, efficient, and they've always been the best choice for us as a business.

Keith Faulkner Brainwaves Books

Over the years, I've seen PCR grow and develop, but their attitude and customer service has never altered. The quality of their service remains constant.

Alex Arscott Richard Russell Panels

A good honest company we've dealt with since the year dot.

Contact PCR now