Write a thread containing a thoughtf

Write a thread containing a thoughtful answer to 1 question.  Answer should  contain at least 400 words.  If necessary, you may list within your  thread any concepts on which you need further clarification as well.   Also, you must reply to at least 2 threads below.  Each reply  should contain at least 200 words.  Additionally, all posts  (thread and replies) should reflect professional writing, current APA  standards, include at least 1 scholarly reference (e.g., peer-reviewed  journal articles), and integration of at least 1 biblical principle.

Thread Question: (in 400 words at least)

How would you respond to a small business owner who believes that  his/her business is less likely to be attacked precisely because it is  so small?

Replies(Reply to each thread in at least 200 words EACH)

Thread #1

Organizations  today are utilizing the newest and greatest technology there is to  offer. This is to ensure that they keep a competitive edge with other  organizations within a similar market, as well as, have several  resources available to the IT staff in the event of an issue.  However,  it has been found that when these new technologies are implemented  employees may not be receiving the proper training. This then leads to  employees trying to install software that they are familiar with on to  their company owned system to keep up with production. This should not  be permitted on any company owned systems for various reasons. According  to Miller (2017), the majority of software used today requires some  sort of patching to fix bugs and security holes along with updates to  aid in improving performance. If an employee downloads unauthorized  software, the IT department has no way of tracking it to ensure the  appropriate updates are happening. Miller (2017) stated that employees  may mistakenly download a virus or malware by downloading malicious  software from the internet. This then leads to a delay in production  from the employee as well as possible unwanted expenses. Downloading  unauthorized software can also lead to complications if the employee  needs assistance with a problem within the software. Miller (2017)  stated that if an employee runs into a problem with an unauthorized  cloud spreadsheet application, such as a corruption, the IT staff or  vendor may try and help but they cannot guarantee that the issue will be  resolved. As a result of this, the employee may have lost vital company  data. Miller (2017) stated that by utilizing unauthorized software, the  employee is more than likely not backing up data on the software or if  it can even be restored after it is lost. Again, this is something that  needs to be monitored by the IT staff or chosen vendor. Another issue  presented by Miller (2017) was if an employee installed new software  onto an older machine that wasn’t meant to handle that software, you  could potentially break the system. As a result, the IT staff is  overwhelmed with trying to make repairs to that device. This again leads  to unexpected expenses for the organization.

Another issue that can arise with employees installing unauthorized  software is how do you know that employee isn’t trying to corrupt the  system or aiding someone who else with the same vendetta. With only  authorized access granted to employees, it is easier to track who  allowed the breach to occur and track if any sensitive data has been  release (Miller, 2017). It is important that your department creates a  policy and ensures that all employees follow it accordingly. “Remind the  people to be subject to rulers and authorities, to be obedient, to be  ready to do whatever is good.” (Titus 3:1, New International Version)

Thread #2

Small Business: Big Losses

I would say it is quite the opposite. The likelihood of being  attacked can include a range of different reasons, but in the event that  an attack does happen, your livelihood and the livelihood of your  employees could be completely ruined. “Microsoft estimates that 20% of  small businesses have been victims of some form of cybercrime while  semantics suggests that 43% of the cyber-attacks during 2015 were  against small businesses.” (Berry & Berry, 2018). The statistics to  disprove that statement are readily available on the Internet that is so  important to a small business.

I know a small company doesn’t have the resources, time or  manpower to devote to cyber attacks, but there are other ways to secure  your personnel and assets without having to devote all of those things.  Applications like Comodo, ESET and many others can be used for free or  relatively cheap. These options can provide cost-effective security  solutions to help protect everything from financial records to employee  information.

Another reason that a small business should protect their digital  information is that it is required by law. All retailers that accept  major debit/credit cards have to adhere to the Payment Card Industry  Data Security Standard (PCI DSS). This standard outlines details on what  and how information must be protected by a business, the actions  required to protect customer information and the actions required if a  breach of information does occur. Having to deal with unhappy customers  because of a data breach is the least of your worries though. According  to Miteva at MyMoid.com, fines for non-compliance can range from $5,000  to $100,000 dollars depending on the size and severity of the issue  (2017). Having to deduct even $5,000 of monthly income from most small  businesses would be enough to force them to close their doors.  Details regarding the most current version of the Payment Card Industry Data Security Standard can be found at https://www.pcisecuritystandards.org/document_library?category=sware_sec#results.

While the Internet has provided us with an endless amount of ways  to advertise and better our small businesses, don’t let the World Wide  Web be the reason your small business doesn’t reach its full potential.  With all the low-cost choices on the web, choose one that accomplishes  what your company needs, and get your business PCI DSS compliant. Do not  let your business fall prey to the idea that no one will notice your  small business.