T

The Challenge to Secure Small and Medium Sized Business (SMB)

Striving for Enterprise caliber solutions with SMB sensitivity

Small & medium-sized businesses (SMB) today are under attack from malware, ransomware, external threats and data breaches. But with the lack of sophistication around most SMBs security stance, the prospect of remaining unaffected by attacks is bleak.

Learn how SMBs, and the managed service providers (MSP) servicing them, get the big business protection in terms of focus and effectiveness, but with SMB sensibilities in terms of implementation and use.

Why security really matters

A tour of any modern SMB office highlights how IT solutions are critical to business success.

The absence of Email and communication systems, productivity applications and enterprise tools that do everything from organizing process to reporting on financial data, would certainly impede success and profitability. And yet despite this, IT Security is still viewed as an unwelcome cost, rather than an enabler of business solutions.

IT matters to small-medium business success, and security matters to IT success.

Today any SMB can quickly adopt a new technology to gain new capabilities, improve efficiency and/or reduce costs. However each new application creates a need to secure users, data and the environment that the solution integrates into.

Those that treat security as an onerous requirement that is invoked each time a new technology is contemplated will be slow to adopt – and slow to profit from – new efficiencies.

SMBs that build effective IT security frameworks are able to move more quickly and surely than their competitors. Environments without effective IT security solutions will have difficulty innovating and are likely to fall behind more nimble competitors.

But, it’s no easy feat securing the SMB

Firstly this not about spreading FUD (fear, uncertainty and doubt). From the 2017 Ponemon Institute Study, statistically speaking - it is happening! More than 61% of SMBs have been breached in the last 12 months vs 55% in 2016.

SMBs are a lucrative target because most do not have sufficient defenses in place to protect, detect or react to attacks. In fact only 14% of SMBs rate their security as ‘highly effective’.

The Verizon Data Breach Investigation Report highlights common challenges for SMBs.

Why the SMB is a target

Lack of Resources

Lack of Expertise / Understanding

Lack of Information

Lack of Time

Lack of Training

It’s not so much these exact reasons; lack of resources, lack of expertise, lack of information, lack of time, lack of training - although they are all very relevant and real. The common issue on why we are seeing SMB as an easy target is because there is a ‘lack of something’.

  • Lack of resources
    SMBs have already made the investment in legacy systems and technology. They want to avoid investment in something else that also might require updating the whole infrastructure, updating storage or updating the operating system.
  • Lack of expertise
    The challenges are also becoming more and more complex. Organizations need to deploy security solutions that extend to remote locations and cover roaming and mobile users. For those customers that are located in a distinct geographic region, the problems are often just as complex. They have partners, consultants, supply chains that extend beyond the traditional network perimeter and make things even harder to defend.
  • Lack of information and training
    Most small and medium sized businesses do not have a sizable IT team. Security solutions with ‘stickiness’ tend to be simple to implement and intuitive to manage.
  • Lack of time
    Smaller businesses are understandably focusing on being operational from day to day, so they can serve customers to keep the business going and pay the staff working. Medium sized businesses often lack the buy in from management who need to be better educated on the dangers to make this a priority and offer the resources and training for IT to fulfill their security needs. It’s not just about money. Cybersecurity perspectives are available to assist the SMB, but it takes time.

The state of SMB security today is focused on just protective security

An effective security stance should go beyond merely “raising the shields” around users, data and networks.

But today most SMBs focus on protective security such as antivirus, patch management, email or web filters, application whitelisting and perhaps an intrusion detection system or two factor authentication for your most privilege accounts.

There’s nothing wrong with this. These are obvious protection and prevention steps you should take, but it’s not enough to just put the barriers up.

Despite best efforts, compromise will continue to exist. Attackers improve, look for new ways to take advantage and the problem is no one is detecting this. And if no one is detecting, no one can respond.

In fact, sometimes the challenge with a breach is to know they even happened at all. According to the Ponemon Institute, it takes on average 191 days to discover a breach.

The best protective strategy therefore needs to be validated over time. ‘Detect and react’ should be used to ensure preventative measures are working – spotting and reacting to abnormal or suspicious activity.

Automated controls that take action before damage is done

But likewise spending all your (limited) time trying to monitor every last bit of the network, looking for anything that looks out of place is a failing proposition.

It's a pretty costly mode of operation; it requires significant IT time and resources to put proper detection mechanisms in place, will likely raise an initial set of false positives that need to be fine-tuned, and necessitates reports and meetings to ensure the detection is actually working.

All small and medium businesses battle against lack of time and resources. They are far better off running and monitoring solutions that offer automated controls in addition to threat identification and real time response.

In short, should something fall outside a set of established restrictions, your solution should automatically take action before the damage is done – not only when IT intervenes.

Enterprise Caliber Security with SMB sensitivity

So how does an SMB build an approach that safeguards their organization, users and data?

Firstly, security solutions for an SMB and MSPs servicing them, should not be any less effective than it is for an enterprise client. The data is no less sensitive, the disruption no less serious. They need enterprise caliber defense in terms of focus and effectiveness, but with SMB sensibilities in terms of implementation and use.

Here are 8 SMB-friendly criteria to achieve minimum effort for maximum impact

Effective

Look to add layers to your security strategy. Putting a layered defense in place maximizes your chances of stopping a threat before it starts.

Intelligence

Solutions that just offer information result in the need to hire a watch dog. Choose intelligence and insights that can help spot and stop a breach.

Automated

Should something fall outside a set of established restrictions, your solution should automatically take action before the damage is done – not only when IT intervenes.

Limited administration

Most small and medium sized businesses do not have a sizable IT team. Security solutions with ‘stickiness’ tend to be simple to implement and intuitive to manage.

Accurate

SMBs cannot take a lot of false positives. There is no time to chase down 50 alerts a day.

Non disruptive for IT

Solutions that work alongside existing infrastructure don’t frustrate IT teams.

Easy adoption

If security overwhelms and stifles productivity, users can’t do their job and the solution is already dead on arrival. Security should be behind the scenes, protecting the users and the environment until the moment the user is truly conflicting with security protocol.

Cost effective

If you agree with the ‘when’ not ‘if‘ premise, then you already know your security strategy is incomplete and requires more investment. Security doesn’t have to come at a high cost – but it does have to be effective in relation to its cost.

Securing the SMB against external attacks and internal security breaches

Logons provide one of the clearest indications of potential compromise. They are the one common activity across nearly all attack patterns and often effortlessly compromised. It only takes a careless employee to share a password or leave a workstation unattended. Even the most careful employee can be exploited and the victim of stolen credentials.

With UserLock, IT Teams can make sure authenticated users are who they say they are, even when credentials are compromised. Logon attempts that don’t satisfy established restrictions are automatically blocked, before any damage is done. Risk detection tools alert on other suspicious activity offering IT administrators the chance to instantly react. Working alongside Active Directory, UserLock extends security far beyond group policies and native Windows functionality.

Watch a short demo as we walk through four common risk scenarios that UserLock mitigates and how the UserLock console provides you with real-time visibility and insights.

UserLock

Start a free trial now

30-day full version with no user limits

Infographic
Information Security advice for Small AND Medium Business (SMB)

It's no easy feat securing the SMB. Our Infographic highlights 8 SMB-friendly criteria to help choose IT security solutions that achieve maximum impact with minimum effort.

Discover the infographic