Small and medium sized businesses (SMBs) sometimes lack the money, resources, and personnel needed to fully secure their data, at least when compared with larger companies. But protecting business, employee, and customer information is essential for all businesses, both large and small. A new survey from Infrascale finds that many SMBs take cyberattacks seriously but don’t necessarily have the proper safeguards in place.

SEE: Cybersecurity: Let’s get tactical (free PDF) (TechRepublic)

For its latest research for World Backup Day, Infrascale surveyed more than 500 C-level executives of SMBs in March 2020. Among them, 49% said that cyberattacks are their biggest concern when it comes to protecting data, while 58% pointed to security vulnerabilities as their biggest data storage challenge.

Among other data protection issues, micro disasters such as corrupted hard drives and malware infections were cited by 46%, system crashes by 41%, data leaks by 39%, ransomware attacks by 38%, and human error by 38%.

The results differed slightly by industry. A majority of those in the education, telecommunications, and healthcare sectors pointed to micro disasters as their biggest issue in protecting data. But more than half of the respondents in the retail and financial areas listed cyberattacks such as ransomware as their top concern.

Despite the potential risks that could affect their data, 21% of the respondents admitted that they don’t currently have a data backup or disaster recovery solution, while 13% said they have no data protection strategy in place. This does mean that the overwhelming majority of SMBs do have such products and plans in place, which is certainly a good sign. But the rest remain vulnerable.

“Our research indicates that 21% of SMBs do not have data protection solutions in place,” Infrascale CEO Russell P. Reeder said in a press release. “That’s a problem, because every modern company depends on data and operational uptime for its very survival. And this has never been more important than during the unprecedented times we are currently facing.”

One tidbit uncovered by the survey is that data protection means different things to different people. Asked what data protection means to them, 61% of respondents cited data security and encryption, while 61% cited data backup. Some 59% defined data protection as data recovery, while 54% mentioned anti-malware services.

Almost half (46%) said that data protection addresses email protection, while 45% said it addresses data archiving and the ability to bounce back quickly after a disaster. Some 44% of the respondents said that data protection means ransomware protection and mitigation, 44% cited protection for devices such as laptops and mobile phones, and 32% said that data protection involves processes that prevent user error.

“Data protection can come into play in a wide array of important ways – including data security and encryption, data recovery, email protection and data archiving,” Reeder said. “It also provides the ability to recover quickly from a disaster, protection from and mitigation of ransomware, and physical device protection. Plus, it can prevent user error. All of the above are valuable for businesses.”

Among the 500 people surveyed, CEOs represented 87% of the group. Almost all of the remainder was split between CIOs and CTOs.

Image: Getty Images/iStockphoto