Meet Steve. Chances are you’ve worked with a Steve before – he’s smart and dedicated and knows a lot of things. While he’s in the Accounting department, Steve has always been the go-to for anyone in the office with a computer issue – whether it’s setting up Outlook or making sure you can print to the right printer. Sure, helping out with IT around the office does take Steve away from some of his accounting work, but he doesn’t mind because it’s usually quick and he only gets questions a few times a day.
But then disaster strikes – someone in the office clicks a suspicious link in their company email and suddenly all the traffic over the internet slows to a crawl and no one can access their files on the shared server. You suddenly get a message that your network has been compromised, and the hackers are demanding $10,000 to get access to your files and emails back. You’ve been hit by ransomware and no one knows what to do. The CEO considers paying the fine, because the files contain sensitive client information and there is no way to get them back otherwise. He starts drafting an email that will have to be sent out to all clients to inform them of the breach, and is worried that he may end up losing some clients over this.
While this may sound like the premise to a low-grade IT horror film, situations like this, especially in small businesses, are increasingly common. While Steve is an excellent resource in helping with the day-to-day IT needs of the office, he’s not an expert in network infrastructure or security, and it has left the company vulnerable. While many companies feel they are “too small” to be the target of ransomware or malware attacks, the truth is usually quite the opposite – hackers specifically target small businesses under the (usually correct) assumption that their security measures are not set up to protect against these types of attacks.
Let’s look at a less severe scenario and how this can also play out for Steve – let’s say that suddenly in the middle of the day, everyone suddenly is unable to connect to the file share server. Steve calls Spectrum and confirms that the internet service to the office is functioning. The office slowly starts grinding to a halt as employees are unable to do their work without access to their files. Steve drops everything he’s doing and tries, by trial and error, unplugging and restarting the server and router stored in the IT closet, hoping it will suddenly just come back up and everyone can go back to work. Sometimes, this type of trial and error can work, but sometimes, it can take hours. The team eventually decides to go home for the day, since they’re unable to do any work in the office. Deadlines are potentially missed.
So what does this end up costing? Hours of downtime, for both Steve and the rest of the office, means hours upon hours of lost productivity. This is time that could be spent servicing clients and getting work done. Factoring in what every employee is paid, a few hours of lost work could potentially mean thousands of dollars in lost productivity.
In the ransomware scenario above, the cost could be much more dire. Studies have found that the majority of companies who pay the ransom on their files end up never even getting them back. This could potentially be years of lost work, emails, and sensitive information. Security breaches like this could also mean lost clients – knowing that their sensitive material ended up in the hands of a bad actor on the web could be lost trust that may never be able to be rebuilt.
So what’s the moral of the story? While it may sometimes feel like everything is running smoothly and your office doesn’t need a dedicated IT resource, that isn’t always the case. A proper network infrastructure and security settings can help prevent attacks or downtime before they even happen, leaving Steve and his colleagues freed up to make sure they are being their most productive throughout the day. Even something as simple as a firewall and a monitoring system can help to make sure we don’t end up putting Steve in a jam he isn’t equipped to get out of again.