From theregister.co.uk
Backgrounder Without in-house staffing to set up or manage their IT estates, many small-to-medium businesses (SMBs) have migrated to cloud-based business applications, email, messaging, file sharing, and file-storage services.
But don’t think, just because you’ve handed the keys of your IT estate to somebody else, your days spent having to think about the security of your software, applications, and data are gone. They aren’t. SMBs are very much still in the cross hairs of hackers, from phishing, social engineering, and advanced malware to attacks via product vulnerabilities. And running your tech in the cloud doesn’t necessarily mean you’re immune to all that now.
And don’t forget there are steep costs in cleaning up an intrusion: Europe’s General Data Protection Regulation (GDPR) that activated in May 2018 can put any “data steward” on the hook for up to €20m or four percent of turnover – whichever is the greater – in the event of lost or stolen data. Either figure is enough to put a dent, or worse, into a typical SMB.
It therefore pays to remain vigilant, and know where the vulnerabilities in cloud-based software-as-a-service (SaaS) exist – and what you can do.