Understanding small business is tough because there are so many of them and they vary so widely. But all small businesses share certain problems, attitudes, and approaches to those problems. Let’s give a hand to Symantec and Network Solutions for doing their part to discover the state of security and creating (and studying) the Small Business Success Index.
In its study Symantec focused on its sweet spot, security with an added dash of storage. Symantec surveyed over 1,400 small businesses worldwide, including 200 in each in the U.S. and 200 more in Canada. Of all companies surveyed, 44 percent employ between 10-100 workers, 28 percent employ 101-250, and 29 percent employ 251-500.
Overall, Symantec found small businesses know security is important. Budgets for security and storage are flat or rising for 91 percent of the responders. Exactly half say they plan to increase spending for IT. Yet despite this understanding, serious security and data protection gaps exist.
Small businesses report that their top three security concerns are viruses, spam, and data breaches. But how do I reconcile those findings with the fact those same respondents said they have no endpoint protection (59 percent), no desktop backup and recovery (47 percent), and no antispam solution (42 percent)?
Isn’t that the definition of cognitive dissonance? How can you say security is a serious concern to you, yet have no endpoint protection? How can four in 10 companies function today without some type of antispam control? Do they just ignore e-mails because they can’t find important messages in the never-ending flood of spam?
Some specific questions about data breaches really caught my attention. Symantec asked, “Why did the security breach happen?” and allowed multiple answers from survey takers. Top of the list, at 47 percent, was system breakdown / hardware failure. I wonder about the wording of the question or possible answers, because in my experience, hardware rarely causes those types of problems. Hackers don’t attack hardware, they attack weak software security and poorly trained end users.
The second highest response about the data breaches also strikes me as curious. Forty four percent said the breach happened because of a lost or stolen laptop, smartphone, or PDA. Other surveys I’ve seen put this percentage at two thirds or higher. The Symantec survey pegs human error as the reason for 39 percent of the breaches, but nearly all poor security processes can be called human error if you look at the problem in the right way.
The main security barriers include the usual suspects, with lack of employee skills at the top of the list (41 percent) followed by budget (37 percent). Forty two percent said they don’t have any dedicated IT staff, which surprised me. Usually companies hire a full time IT person when they have 50 or 60 employees, and the survey included firms as large as 500 employees.
Symantec wraps up its survey with tips, including involving solution providers, using layered and comprehensive security, and backing up your data. Hey, those 38 percent who said they had no server backup or recovery processes in place, call a solution provider quickly. Today.
Network Solutions brought in the University of Maryland’s Robert H. Smith School of Business to help develop and study the factors of small business success. Network Solutions created an online survey you can take to see where you rate on the Small Business Success Index. Each of the 1000 businesses surveyed by phone have 100 or fewer employees.
On their new site Grow Smart Business, Network Solutions offers videos and downloadable articles on ways to become more successful. The index focuses on six areas: capital access; marketing and innovation; workforce; customer service; computer technology; and compliance. Small business owners answered 28 questions to provide a baseline for small business success.
About a quarter of small business did enough correctly to fall under the “Highly Competitive” label. About 20 percent only rate “Failing” which falls in line with my favorite 80/20 guideline rules. As with any studied group, the biggest numbers were in the middle, either marginally competitive (29 percent) or marginally failing (27 percent).
Not surprisingly, the worst grades across the board were for capital access. Network Solutions says this has the most impact on overall competitiveness, so it was rated as most important. Since non-high-tech small companies get little venture capital interest in general, and since venture capital spending is way down thanks to the economy, I’m surprised any small businesses scored high in capital access. Those who did must have a good working relationship with their local banker.
The highest index score was in customer service. One of the primary advantages of being a small business is closeness to customers, and Network Solutions seems to bear that out. I’d be interested to see the ratings of the highly competitive companies in customer service. I bet they’d be at the top of that list, explaining much of their success.
Since Network Solutions sells domain names and Web sites, you won’t be shocked to hear it feels using “Internet business solutions” helps small companies be the most competitive. Thirty one percent of the highly competitive businesses scored at the top of the tech-powered scale with 6-14 Internet business solutions in their organization. If you need an excuse to focus more attention on your Web site and start leveraging the Internet for more marketing, there’s the kick in your can to get you started.
Wrapping back around the circle, the more Internet business solutions you use, the more security and data protection you need. No desktop backup (47 percent) and no server backup (38 percent)? That’s really scary.