What is identity protection (and why should SMEs care)?

Your digital identity sounds a bit pretentious. But it encapsulates everything about what you say and do online, your login details, and more. This is why identity protection is something that SMEs really need to start caring about.

Because cybercrime – especially threats against SMEs, widely supposed to have fewer resources to protect themselves – is on the rise across the board. And the results of your identity being compromised can be business-ending.

Here is why, as an SME owner, you need to understand what your digital identity is and how to protect it in order to secure and grow your business:

What is your digital identity?

Your digital identity is everything you do or say online. It’s all the data that can be gleaned about you from your activities in the digital sphere. It might include:

  • Your personal information, such as where you live or the religion you follow
  • What sites you visit (the kind of news you read, the things you’re interested in)
  • The things you buy online and where you buy them from
  • Your login credentials for every program or app you use
  • Your social media profiles and what you say on them

Now picture this applied to your business. All of the things you do, what you sell or buy and who you sell them to, your employee and customer information, financial transactions of all kinds – all of it is your business’s digital identity.

Many business leaders assume that having an antivirus program, using good passwords, and locking the screen when they move away from it protects them. Sadly, they’re nowhere near enough.

What is identity protection?

Digital identity protection includes all of the measures that actually protect your personal and business information from being accessed, misused, or used to defraud you or someone else.

This can include a wide range of effective cybersecurity practices, such as:

  1. Multi-Factor Authentication (MFA) – uses multiple “factors” that are something you know (e.g. a password), something you are (e.g. a fingerprint scan), or something you have (e.g. a smartphone) to maximise the levels of security around your identity.
  2. Single Sign-On (SSO) – lets you authenticate using MFA once and then stay logged on for multiple applications. This improves security by encouraging your team not to find workarounds or skip multiple authentication steps. It’s been proven to work brilliantly.
  3. Strong password policies – preferably using a password manager to control multiple secure randomised passwords that get regularly updated.
  4. Conditional access policies – this is a phrase that refers to having a system for who is allowed to access what data within your organisation. You can also have it require additional verification factors when the user is remote or not on a registered device, for example.
  5. Continuous monitoring – cybercriminals are always getting better at what they do. There are also more of them every year. This makes constant monitoring a key part of identity protection. Talk to your Managed Service Provider about it.

Why is identity protection so important for SMEs?

  1. More SMEs are suffering cyber attacks – around 2 out of 3 SMEs said they were the victims of cyberattacks of some kind last year. This may be because of the perception SMEs will have fewer resources and less well-trained employees to defend themselves with.
  2. Protect your bank account – data breaches are expensive. There is the cost of legal actions and fines from regulators. Not to mention extra costs to repair your systems and put into place the protections that should have been there already.
  3. Customer reputation – even some major brands have felt the reputational impact of data breaches in recent years, with the attendant costs of lost customers and potential clients.
  4. Compliance – cybersecurity compliance with now-standard frameworks like the UK government-backed Cyber Essentials scheme is key to attracting investors and applying for government contracts. Identity protection plays a major role in achieving compliance.
  5. Improve efficiency and productivity – good digital identity protection methods often have the added bonus of improving other processes too. For example, your IT team can focus on other things than handling constant password reset requests.

The most important takeaway is that if you have skated by paying minimal attention to identity security in your SME so far, you’ve been lucky. However, as more and more small and medium businesses find out every year, this is not a factor you can count on forever.

If you don’t want to find out exactly what the impact of your digital identity being compromised would be on things like your financial records and professional reputation, now is the time to start taking the sensible precautions that businesses up and down the UK are putting in place right now.

Want to discuss just what identity protection looks like and how to put it in place?

Let’s chat about it. Dial A Geek has already helped over 1000 organisations in Bristol and the UK protect and grow their business.

Reach out to us today to set up a cost and commitment-free chat with Chief Geek Gildas Jones.