How do startups know if it’s time to grow up?


    By Alexander Moiseev

    Last of two parts

    Cybersecurity for maturing businesses. All the characters in this story are fictional, and any chance that this has happened to real people is just a coincidence, but it illustrates the trend that we found among small businesses, including our customers that use consumer tools instead of special offers for business.

    We interviewed nearly 700 companies with less than 50 employees around the world, and a quarter (25 percent) of them admitted that they use products for home use to protect their business from cyberthreats. This confirms what we see through our sales analytics as well — consumer IT security products are purchased by businesses, and the share of these sales is remarkable, it is not about several occasional cases per year. Basically, these are companies that consist of several people, some of which have just recently left individual entrepreneurship, and some have had their business for some time already, with a staff of three to ten employees.

    Perhaps this option seems easier, cheaper and faster for them. It is likely that they do not have full-time IT specialists, they do not need to set up special policies, analyze threat events or manage hundreds of devices. They just need to ‘set and forget’ their IT security for reasonable money. And it seems that a home-based product for family protection provides all they need.

    What is wrong with consumer protection. Security tailored for consumers is a great thing and it is possible to use it for business protection. It is possible to protect several devices with one license including PCs and mobile devices. However, it still lacks some features and can’t meet all business demands, even for small companies.

    What if a company has not five but 20 employees or the business is growing very fast and the number of employees is constantly increasing? Then it suddenly needs several licenses of consumer product but a person who manages protection won’t be able to manage all devices together. The business will not have the visibility it needs across all devices and the status of their protection. In addition, consumer products cannot be used for server protection, so file servers where a company normally stores all business data will not be safe.

    Changing mindsets. The use of inappropriate services and products, is not necessarily fatal for businesses, and even cybersecurity is not an exception. The key takeaway from this story is the idea that companies should realize they are actually businesses.

    This means they need to consider everything from a point of view that benefits the company and ensures efficiencies. Companies must find optimal solutions to solving problems — whether it’s buying furniture for a restaurant or managing the logistics of order deliveries from a store in Tokyo to Copenhagen. These small steps into a big business will not harm progress, but, most likely, will help to save money and time. Moreover, a properly organized cyber-defense will help secure all these effective business processes and the results of entrepreneurial work. (Author is Kaspersky’s Chief Business Officer)