This group of businesses is the most often attacked on earth—here’s how we helped

December 11, 2019

The original article is published on the Microsoft 365 Blog.

There are 79 million businesses worldwide who meet the “small or medium business” (SMB) definition of having 300 or fewer employees, and those businesses represent 95 percent of all the companies on earth—which amounts to a staggering 63 percent of the world’s workforce. As gigantic as those figures might be, they’re belied by other numbers that cast a shadow across worldwide employment: Last year, 55 percent of SMBs weathered cyberattacks, 52 percent of these breaches were caused by human error, and, in a quarter of these cases, sensitive customer data was breached. The average cyberattack will cost an SMB U.S. $190,000 and, after a ransomware attack, only one-third of SMBs can remain profitable.

This year, these numbers will only increase because 90 percent of SMBs do not currently have any data protection.

In an era where nearly every company is, in some regard, a technology company, the upcoming end of support for Windows 7 on January 14, 2020 only adds to the pressure on these businesses.

We considered our responsibility to this community

During my keynote at Microsoft Ignite, I spoke at length about the challenges associated with app compatibility, and I shared how Microsoft has taken on a responsibility for compatibility. The reasoning behind this is simple: Among other reasons, when more organizations are operating modern infrastructures, it’s much simpler to keep attacks from spreading throughout the world. Similarly, as my team looked at the needs of the SMB community, we considered our responsibility to their security posture. After some analysis, we discovered a way to help them that didn’t exist within the enterprise offering of Microsoft 365 (a product we had fine-tuned to the needs of large companies).

The answer was Microsoft 365 Business, and I believe it offers SMBs the best possible opportunity to be secure and productive at the lowest possible cost. Microsoft 365 Business offers the same security tools used by many banks, governments, and multi-national corporations, as well as the very same productivity tools in Office 365.

Recently, we’ve undertaken an effort to think and talk about this topic differently.

While many SMBs don’t have the resources to hire a Chief Security Officer (CSO) of their own, I think this community can use Microsoft 365 Business like a CSO. I encourage you to spend a few minutes at YourNewCSO to learn how to use these resources right away. No matter where you are on your security journey, the site and these eight quick (and funny?) videos will show you steps to better secure your business.

Our data clearly demonstrates that combining security with a huge boost in productivity is the type of innovation that will set an SMB apart in a competitive environment. A recent study of two customers by Qualtrics found that employees using modern tools were 50 percent more likely to say they could better serve their customers, and they were 121 percent more likely to feel valued by their company—a sentiment that is directly tied to improved productivity, loyalty, and a positive organizational culture.

Fully use what you already have

Rather than simply try to sell something throughout this post, I’d like to point out some ways SMBs who already own Office 365 can improve their security without spending any additional money. Included below are seven steps to improve your security at no extra cost—you can also read how to do it or watch this quick overview.

  1. Check your Microsoft Secure Score.
  2. Set up Multi-Factor Authentication (MFA). Setting up MFA will prevent 99 percent of identity attacks.
  3. Use the built-in mobile application management tools in Office 365.
  4. Set up a separate account for performing administrative tasks.
  5. Use an antivirus solution that leverages the cloud to protect from the latest threats. Microsoft Defender provides some great out-of-the-box capabilities in Windows 10 that more than 50 percent of enterprises are using.
  6. Store files in OneDrive for Business, and the cloud becomes your backup. No more manual PC backups, which saves you time and money. Even better, if you are hacked and are regularly saving your documents to OneDrive, you can simply revert your files back to before the hack occurred.
  7. Stop email auto-forwarding.

As we found from talking with hundreds of SMBs, creating a culture of security is one of the biggest first steps you can take. Right now is the time to educate your employees about how to identify security threats (e.g., don’t click that suspicious link, and if you do, please let someone know), and with Windows 7 very quickly reaching end of support, use this as an opportunity to move to our best available, most secure platform. Microsoft 365 Business can help.

Office 365 security tips

Seven security features in Office 365 you can use to secure your organization.

Watch the video

Why move from Office 365 to Microsoft 365 Business

Office 365 provides the suite of productivity tools you know and love, including capabilities like Exchange Online, SharePoint Online, and OneDrive for Business. But when you move to Microsoft 365 Business, you get that power of Office 365 as well as a comprehensive, cloud-based security solution that lets you defend your business against advanced threats. Microsoft 365 helps you to protect against cyberthreats with sophisticated phishing and ransomware protection; lets you control access to sensitive information, using encryption to keep data from being accidentally shared with someone not authorized to see it; and enables you to secure the devices that connect to your data, helping keep iOS, Android, Windows, and Mac devices secure and up-to-date. Microsoft 365 Business is fully integrated with Office 365, so you have one place for administration, billing, and 24×7 support.

Next steps

In addition to visiting YourNewCSO, consider the value of insuring yourself against a cyberattack. I’m excited to announce that, starting today, we’re piloting a new program in the U.S. in collaboration with AXA XL (a global insurer) and Slice Labs (on-demand insurance platform) to offer a free cybersecurity health check and support AXA XL’s provision of cyber insurance for qualified customers that use Microsoft 365 Business, Office 365 Business, and Office 365 Business Premium.

With your permission, AXA XL will assess your organization’s security and offer their services to qualifying customers, potentially with a discount. You can find more information about the collaboration in the AXA XL and Slice Labs press release, and you can read more about their offering and purchase insurance.