When starting a small company, there are many things to consider. In the early stages, funding, business plans, marketing and other aspects can take up so much of the time but are especially important. One aspect of business that is often put aside is cybersecurity. As businesses become more digitalised, APAC startups and SMEs must be more aware of protecting themselves from cyber-attacks. After a 168% increase in attacks in the region in 2021, cybersecurity in APAC becomes even more of a hot topic and the importance of endpoint security for startups should no longer be ignored. 

But what is endpoint security and what steps can small to medium-sized businesses take to protect themselves from the threat posed by hackers?

What is endpoint security?

Almost every company relies on computers to function. Whether it is a small corner shop using a laptop to conduct its banking, bookkeeping tasks and track orders, or an eCommerce company managing its entire processes online, the internet is ubiquitous in enterprises. Any computer, tablet or smartphone used for communications when conducting business is considered an endpoint and is a potential target for those wishing to access information illegally.

Jayden Soh from HKBN JOS shares why we should revamp endpoint security

Therefore, it is important to ensure that all devices are protected from potential cyberattacks in order to protect company data, bank accounts, and any other information essential to business operations. There are numerous tools out there that provide different forms of protection, such as Oxeye.io, which detects vulnerabilities in modern distributed applications.

Potential threats to SMEs

As most companies use cloud-based storage for their data, this can give them a false sense of security. With very little stored on computers or other devices, startups can feel protected when the opposite is frequently true. Information is generally safe if it is stored in the cloud, but it can be hacked if proper security measures are not taken, which is where many SMEs fail. 

The COVID-19 pandemic has changed the way we work. Many companies felt that they needed to allow their employees the opportunity to work from home. This left many companies vulnerable and surprised by moving away from an easily monitored and secure workplace and opened the door to cyberattacks.. Increased use of cloud applications without the necessary security protocols became a gilt-edged invitation to hackers. 

Some large companies, such as insurance giants AXA and Tokio Marine Group, violated security breaches in 2021. The Indonesian Government and Southeast Asian Military organisations were also victims, demonstrating how vulnerable even governmental bodies can be when faced with determined cybercriminals. These breaches should warn any business, regardless of its size or functions, of the necessity for robust security for all aspects of online activity. 

How can SMEs protect themselves from cyberattacks?

While no strategies or even the tightest security is 100% foolproof, taking the following measures to protect data are critical for any SME: 

Implement management controls: All devices used for businesses need to have security protocols consisting of secure passwords, limited access to sensitive data, restricted administration privileges and strict usage policies. If possible, use Two Factor Authentication for access to essential data.

If the company has an IT department, they should have the responsibility for instigating such protocols and be able to disable or restrict the usage of devices remotely in case of theft or loss. The owner or their administration can take on this role for smaller companies. The employment of a Managed Security Provider (MSP) or usage of a Security as a Service (SECaaS) company may also be viable options.

Secure encryption: Ensure that all applications have end to end encryption and that all data passes through secure channels. 

Install security software: Antivirus and malware software should be installed on all devices to identify and prevent any attempted security breaches, protect against malware, and warn of unsafe websites or applications that may cause damage. 

Keep apps and software updated: To ensure optimal safety, install new updates or patches for programmes or software on all devices as soon as they are released. 

Impact of cybersecurity breaches

The current economic climate is challenging for almost every business. Global health issues, wars and environmental threats have slowed growth and made surviving in this economic landscape even more difficult. APAC startups and SMEs are as vulnerable as any others while growing an enterprise in the face of these difficulties. Many have had to pivot from their original business plans and work with remote teams to achieve their goals, leaving a door open for exploitation by hackers.

With the rise of threats to cybersecurity in APAC, it’s important to realise that the consequences of a security breach may be far-reaching and not just financial. The theft of sensitive data leaves companies facing a PR crisis and consumers having less faith in the firm. When trust is broken, it is often hard to regain it, and consumers will choose to take their business elsewhere.

Damaged reputations, loss of money and company data can all be a death knell for a small enterprise with limited resources. Endpoint security for startups is critical to protect against possible attacks, even for small businesses.