By: Henry Simons

The spotlight for online security for small businesses in the United Kingdom has never been brighter. The new European Data Protection Regulation, which regulates the progression of personal data within the European Union (EU), will come into full effect by April 2018 – which replaces the previous Data Protection Directive due to its out-of-date guidelines.

Despite the UK’s EU referendum vote in June 2016, which saw the UK vote to leave the European Union with 52% voting to leave (, we will still need to follow the new Regulation if small businesses in the UK wish to trade with countries within the EU. And small businesses need to listen up, or risk being left behind if they fail to increase their security and protect their data.

A recent survey by the Close Brothers revealed that 63% of UK small to medium enterprise's (SME) owners and management have chosen not to invest in online security, with 36% saying they are not concerned about it at all (source: Close Brothers). With the fast-approaching European Data Protection Regulation changes these statistics are cause for alarm.

Here, we have highlighted three of the top risks in online security for small businesses so that you can start thinking about what you need to do to protect your business and prepare for the new European Data Protection Regulations.

Risks in online security for small businesses

Increasing threat

A large majority of small businesses in the United Kingdom simply ignore the threat of cyber-crime against their small business because they don’t believe they are a target or worth the effort. But you might be surprised to know that it’s not the big-fry businesses hackers are after, small businesses are actually top of the list when it comes to targets for hackers – generally because of the lack of online security they have in place.

Stop them in their tracks and protect your small business now before it’s too late. Take the proactive approach and look into what measures can start being introduced to your small business in order to improve your online security and protect your business and your customers' valuable data from hackers.

Cloud data

The Cloud has changed the way businesses work. We can now be more agile than ever, employees can work whenever and wherever they like thanks to the Cloud, and we can access our data at the drop of a hat – even if we're the other side of the world. But this comes at a cost and introducing Cloud systems which have not been thoroughly researched or properly set up could result in a serious data breach. Xero accountants, Approved Accounting, think small business owners shouldn't be afraid to embrace new technology, especially if they want to experience business growth, but should approach with caution. "Use Cloud platforms which put security at the heart of what they do" says owner of Approved Accounting Jon Green, "find out as much as you can about their security and data protection policies, and if that information isn't readily available then ask for it." Keeping records, such as financial data on a computer or hard drive is a disaster waiting to happen - but storing that data on a platform which isn't secure could also land you in hot water, and in the worst case scenario could cost you your business.

Untrained staff

Your team are your small business' biggest asset, but when it comes to cyber-crime they can be your biggest risk if they are not made aware of the dangers of their online activities. Spoof emails and ransomware are becoming increasingly common in small businesses. 54% of businesses in the UK have been targeted by some form of ransomware attack, according to a survey from security firm, Malwarebytes (source: Guardian). Ransomware steals and encrypts all of your data, which you can't get back until you've paid the hackers a ransom - some businesses have reported paying in excess of $50,000 in order to get their data back and keep their business unscathed.

Ensure your staff is educated on the types of attacks they may come across, such as spoof emails, and put procedures in place so everyone knows what to do should you be targeted. Employing a reputable IT support company will help ensure you are protected and up-to-date with the latest threats.