Enterprise-Caliber Access Security with SMB Sensitivity
Small & medium-sized businesses (SMBs) today are under attack from malware, ransomware, external threats and data breaches. But with the lack of sophistication around most SMBs’ security stance, the prospect of remaining unaffected by attacks is bleak. The challenge to secure SMB access is to balance easy implementation and use with protection against sophisticated attacks.
Learn how SMBs, and the managed service providers (MSPs) servicing them, can get big business protection in terms of focus and effectiveness, but with SMB sensibilities in terms of implementation and use.
The impact of security on an SMB’s bottom line
A tour of any modern SMB office highlights how IT solutions are critical to business success.
The absence of Email and communication systems, productivity applications and enterprise tools that do everything from organizing process to reporting on financial data, would certainly impede success and profitability. And yet despite this, IT Security is still viewed as an unwelcome cost, rather than an enabler of business solutions.
IT matters to small-medium business success, and security matters to IT success.
Today any SMB can quickly adopt a new technology to gain new capabilities, improve efficiency and/or reduce costs. However each new application creates a need to secure SMB users, data and the environment that the solution integrates into.
Those that treat security as an onerous requirement that is invoked each time a new technology is contemplated will be slow to adopt – and slow to profit from – new efficiencies.
SMBs that build effective IT security frameworks are able to move more quickly and surely than their competitors. Environments without effective IT security solutions will have difficulty innovating and are likely to fall behind more nimble competitors.
But, it’s no easy feat securing the SMB
Firstly this not about spreading FUD (fear, uncertainty and doubt). According to Accenture’s Cost of Cybercrime Study, 43% of cyberattacks are aimed at small businesses, but only 14% are prepared to defend themselves.
SMBs are a lucrative target because most do not have sufficient defenses in place to protect, detect or react to attacks. In fact only 14% of SMBs rate their security as ‘highly effective’.
The Verizon Data Breach Investigation Report highlights common challenges for SMBs.
Why the SMB is a target
Lack of Expertise / Understanding
It’s not so much these exact reasons: lack of resources, lack of expertise, lack of information, lack of time, lack of training - although they are all very relevant and real. The common issue on why we are seeing SMB as an easy target is because there is a “lack of something.”
- Lack of resources
SMBs have already made the investment in legacy systems and technology. They want to avoid investment in something else that also might require updating the whole infrastructure, updating storage or updating the operating system.
- Lack of expertise
The challenges are also becoming more and more complex. Organizations need to deploy security solutions that extend to remote locations and cover roaming and mobile users. For those customers that are located in a distinct geographic region, the problems are often just as complex. They have partners, consultants, supply chains that extend beyond the traditional network perimeter and make things even harder to defend.
- Lack of information and training
Most small and medium sized businesses do not have a sizable IT team. Security solutions with ‘stickiness’ tend to be simple to implement and intuitive to manage.
- Lack of time
Smaller businesses are understandably focusing on being operational from day to day, so they can serve customers to keep the business going and pay the staff working. Medium sized businesses often lack the buy in from management who need to be better educated on the dangers to make this a priority and offer the resources and training for IT to fulfill their security needs. It’s not just about money. Cybersecurity perspectives are available to assist the SMB, but it takes time.
The state of SMB security today is focused on primarily protective security
An effective security stance should go beyond merely “raising the shields” around users, data and networks.
But today most SMBs focus on protective security such as antivirus, patch management, email or web filters, application whitelisting and perhaps an intrusion detection system or two-factor authentication (2FA) for your most privileged accounts.
There’s nothing wrong with this. These are obvious protection and prevention steps you should take, but it’s not enough to just put the barriers up.
Despite best efforts, compromise will continue to exist. Attackers improve, look for new ways to take advantage and the problem is no one is detecting this. And if no one is detecting, no one can respond.
In fact, sometimes the challenge with a breach is to know they even happened at all. According to the 2022 Cost of Data Breach Report, it takes on average 277 days to discover a breach.
The best protective strategy therefore needs to be validated over time. ‘Detect and react’ should be used to ensure preventative measures are working – spotting and reacting to abnormal or suspicious activity.
Implement MFA across all users
The “lack of something” in SMB security resources often leaves IT admins to restrict MFA, if present at all, to privileged accounts.
While each organization has a different balance, you’ll reduce risks by extending security down the “non-privileged” path as possible. The real value of MFA is to protect any account with access to critical data, applications and systems.
And that’s perfectly attainable for SMBs. MFA is dogged by common myths, such as its too costly, complex or frustrating for SMBs. But MFA has evolved dramatically. With the right solution, you can implement customized, granular MFA that helps you strike the right balance between employee productivity and security.
Set up automated controls that take action before damage is done
But don’t stop with MFA. While spending all your (limited) time trying to monitor every last bit of the network is a failing proposition, there are other ways to automate preventative measures.
Monitoring in and of itself is a pretty costly mode of operation; it requires significant IT time and resources to put proper detection mechanisms in place, will likely raise an initial set of false positives that need to be fine-tuned, and necessitates reports and meetings to ensure the detection is actually working.
All small and medium businesses battle against lack of time and resources. They are far better off running and monitoring solutions that offer automated controls in addition to threat identification and real time response.
In short, should something fall outside a set of established restrictions, your solution should automatically take action before the damage is done – not only when IT intervenes.
Enterprise-Caliber Security with SMB Sensitivity
So how does a secure SMB build an approach that safeguards their organization, users and data?
Firstly, security solutions for an SMB and MSPs servicing them, should not be any less effective than it is for an enterprise client. The data is no less sensitive, the disruption no less serious. They need enterprise caliber defense in terms of focus and effectiveness, but with SMB sensibilities in terms of implementation and use.
Here are 8 SMB-friendly criteria to achieve minimum effort for maximum impact
Effective
Look to add layers, like MFA, to your SMB security strategy. Putting a layered defense in place maximizes your chances of stopping a threat before it starts.
Intelligence
Solutions that just offer information result in the need to hire a watch dog. Choose intelligence and insights that can help spot and stop a breach.
Automated
Should something fall outside a set of established restrictions, your solution should automatically take action before the damage is done – not only when IT intervenes.
Limited administration
Most small and medium sized businesses do not have a sizable IT team. Security solutions with ‘stickiness’ tend to be simple to implement and intuitive to manage.
Accurate
SMBs cannot take a lot of false positives. There's no time to chase 50 alerts a day.
Non disruptive for IT
Solutions that work alongside existing infrastructure don’t frustrate IT teams.
Easy adoption
If security overwhelms and stifles productivity, users can’t do their job and the solution is already dead on arrival. Security should be behind the scenes, protecting the users and the environment until the moment the user is truly conflicting with security protocol.
Cost effective
If you agree with the ‘when’ not ‘if‘ premise, then you already know your security strategy is incomplete and requires more investment. Security doesn’t have to come at a high cost – but it does have to be effective in relation to its cost.
Securing the SMB against external attacks and internal security breaches
Logons provide one of the clearest indications of potential compromise. They are the one common activity across nearly all attack patterns and often effortlessly compromised. It only takes a careless employee to share a password or leave a workstation unattended. Even the most careful employee can be exploited and the victim of stolen credentials.
With UserLock MFA and contextual restrictions, IT Teams can make sure authenticated users are who they say they are, even when credentials are compromised. Logon attempts that don’t satisfy the second authentication factor along with any established restrictions are automatically blocked, before any damage is done. Risk detection tools alert on other suspicious activity offering IT administrators the chance to instantly react. Working alongside Active Directory, UserLock extends SMB security far beyond group policies and native Windows functionality.
Start a free trial now
30-day full version with no user limits
"UserLock is simple to install, easy to configure and offers a level of protection that all small, medium and large business should be implementing as part of their security roadmap."
Ricky Magalhaes
WindowSecurity.com
Download this White Paper in PDF