Could Meerkats and Avatars hold the secret to security for the smaller business?
Smaller businesses are more vulnerable when it comes to attacks from the bad guys, so how do they protect themselves? Davey Winder tries to answer that question.
COMMENT:Implementing a secure data strategy is not difficult when you are a larger enterprise. All it takes is money to buy the right advice from the right people (whether that's in-house staff or outsourced consultancy) and deploying the solutions best suited to your particular needs.
In fact, the bigger your business, the easier data security becomes. But what if you are at the very smaller end of the SME scale, with little in the way of budget to spare or knowledge to draw upon? Truth be told, data security gets harder the smaller you are and, believe you me, the bad guys have noticed.
No matter what size business you are, following well established best practice principles will cost you nothing and go a long way to making your enterprise more secure.
You might not have the volume of data that attracts both the Eastern European organised crime gangs and media headlines alike when said gangs successfully breach the network perimeter. But the opportunist cyber criminal, the bedroom script kiddies and small-time chancers, are quite happy to prod away at smaller, more insecure networks. In other words, they have the hard-pressed, hard-up, small business firmly in their sights.
So where do Meerkats and Avatars enter the data security equation? Simples (erm, sorry about that) that's the name of the annual event held at the St John's Innovation Centre in Cambridge which sees early-stage companies demonstrate their innovative technologies in front of invited members of the media and potential investors. David Gill, director of the St John's Innovation Centre, is quite right in pointing out that the introduction of the Small Business Research Initiative (SBRI), which enables early-stage, high-technology SMEs to take part in a tendering process for government contracts, has "made a tangible difference to many Cambridge companies by introducing them to a real' client".
The Meerkats and Avatars event was held yesterday, and one of the companies that leapt out from the seventeen innovators being showcased this year was Smart Architects with a product called sCrib. This hardware device plugs into a USB port and stores twelve cryptographically secure passwords. Dr Dan Cvrcek, founder of Smart Architects, explains that each password can be up to 20 characters in length and automatically generated, which you then use to replace twelve of your existing passwords without the need for any software or, indeed, expertise. "sCrib's unique algorithm protects passwords against viruses and keylogging" Cvrcek says, continuing "if an sCrib is lost this doesn't allow anyone else access to the passwords because each password is not accompanied by information about what it is for. To increase security further it is possible to add a typed PIN to important passwords: a few digits or letters which users type before they press a button on the sCrib". So the device then becomes, in effect, an instant two-factor authentication hardware token.
It's not the first time that the company has found itself being accused of innovation in the data security world: Earlier this year it was a finalist in the Global Security Challenge. This competition searches for the world's most innovative security startups, and it looks like it may just have found one. Especially, returning to my point at the start of all this, when most current security systems are too complex and too expensive for the average small business.
Of course, no matter what size business you are, following well established best practice principles will cost you nothing and go a long way to making your enterprise more secure.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now