Small and mid-sized businesses (SMBs) face a unique set of obstacles concerning their IT security. These obstacles can shake the confidence of their IT teams, and as a result, SMBs are more likely to fall victim to a security breach.
Ponemon Institute's 2016 Cost of Cybercrime report shows that in the current cybersecurity landscape, the average company could expect a $4 million loss per breach incident, with United States companies experiencing an additional $3 million loss. And according to another Ponemon Institute survey, the 2016 State of SMB Cybersecurity report, more than 50 percent of 600 SMBs in North America have been breached in the last year.
These are consequences that SMBs cannot afford to face.
The results of the second Ponemon report also summarize the unique challenges that SMBs face when it comes to their IT security.
Both reports are indicative of the reality confronting SMBs: due to their size and relatively limited staff and technology resources compared to enterprises, they are both more vulnerable to cyber-attacks and less able to absorb the huge financial impact that can result. This is a big contributing factor to why IT pros at SMBs are feeling less than confident as attacks rise.
Another factor is the diversity of those attacks, and their increasing sophistication. These include web-based and phishing/social engineering attacks, ransomware, attacks specifically targeting information of privileged users, and attacks that target virtual private networks (VPNs) that can provide an all-access tunnel into a network.
On top of these emerging threats, SMBs face the same day-to-day IT challenges that plague every organization, including negligent security practices by employees, contractors and third parties, legacy technologies that can’t protect against modern cyber-attacks, insufficient personnel, and the absence of determined IT security priorities.
Despite this, SMBs must realize that lacking an enterprise budget or large team of IT pros does not prevent them from preparing for these difficulties and better protecting against an attempted breach. Solutions can be found within the organization by utilizing their existing resources and eliminating unsafe practices or tools, and expanding their technology to combat these obstacles.
Here are five common security pitfalls, and potential solutions for SMBs to deploy:
Challenge: Web-based phishing/social engineering attacks
Solution: Eliminate simple and shared credentials
Ponemon’s 2016 State of SMB Cybersecurity report found that 65 percent of respondents do not strictly enforce their documented password policies. SMBs should require every privileged user to have his or her own individual credentials. Replacing simple or shared login credentials is an initiative that requires very little effort. SMBs can also enact a multi-factor authentication requirement, which reduces the risk of hackers and keystroke loggers gaining access to sensitive systems and information.
Challenge: Threats to third parties
Solution: Regularly evaluate privileged users
According to Ponemon’s most recent State of SMB Cybersecurity report, 41 percent of breaches were caused by third-party mistakes, and another 48 percent were caused by a negligent employee or contractor. SMBs need to identify who these privileged users are, assess their IT permission levels, and make sure they only have access to the systems they need. By doing this, credentials that fall into the wrong hands are less likely to provide a hacker wide open access to systems.
Challenge: Legacy technologies
Solution: Monitor virtual private network access
While many SMBs use virtual private networks to provide users remote access to the systems and files they need, many people, even in IT, falsely believe VPNs are synonymous with security. In actuality, breaking into a VPN is a common and successful method for hackers. Once cybercriminals gain credentials and access to the VPN, they can move around the network while escaping detection. Limiting who can access and utilize the VPN reduces the opportunity for potential hackers, and in some cases, eliminating VPN usage can significantly strengthen the company’s security profile.
Challenge: Use of free tools to enable support
Solution: Conduct a technology audit
To cope with limited staff and budget, some IT departments at SMBs might resort to using free remote access tools to remotely troubleshoot users’ devices—but these are not worth the risk. Nearly all of these tools can be considered unauthorized and insecure, and IT staff must work to block access to them. The first step in this process is conducting an audit of all tools being used in the organization. That audit should be repeated several times a year as a best practice in IT security. A safer solution for SMBs is to standardize remote access on a centralized and secure tool. In addition, if an organization outsources its IT support—a common practice among SMBs—it’s essential that the company ensures the support provider is utilizing a solution that fosters secure connections to sensitive systems and applications.
Challenge: Lack of visibility into security threats or gaps
Solution: Track activity
Visibility is something every IT organization can improve, yet it’s also easy to fall behind on. IBM and the Ponemon Institute teamed up on a study that reported the results of a survey of 383 companies worldwide that suffered a breach with a loss between 3,000 and 101,500 records. The report found the average time to discover a breach is 201 days. Part of that long delay between breach and detection is companies’ inability to monitor access—who is accessing their systems, when, and for how long. An audit trail with this information can help detect anomalies, which can signal suspicious activity more quickly. Remote support tools are one of the technologies that enable an audit trail. Having a record of how the technology is being utilized—and by whom—enables companies to have greater insight into what privileged users and other third parties are doing on the network.
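As an added illustration (not from the original article or from any vendor's product), the following Python sketch reviews a remote-access audit trail for the three things named above: who connected, when, and for how long. The CSV layout, account names, addresses and thresholds are constructed assumptions.

```python
import csv, io
from datetime import datetime
from statistics import median

# Constructed audit trail: who connected, from where, when, and for how long.
AUDIT_CSV = """user,source,start,end
vendor-hvac,203.0.113.10,2016-11-01T09:02,2016-11-01T09:31
vendor-hvac,203.0.113.10,2016-11-03T10:15,2016-11-03T10:40
vendor-hvac,203.0.113.10,2016-11-08T09:45,2016-11-08T10:05
vendor-hvac,198.51.100.7,2016-11-12T02:13,2016-11-12T06:58
helpdesk-amy,192.0.2.44,2016-11-01T08:30,2016-11-01T08:50
helpdesk-amy,192.0.2.44,2016-11-02T13:05,2016-11-02T13:35
helpdesk-amy,192.0.2.44,2016-11-04T16:20,2016-11-04T16:45
helpdesk-amy,192.0.2.44,2016-11-09T11:00,2016-11-09T11:20
"""

def load_sessions(text):
    """Parse the CSV into session records sorted by start time."""
    rows = []
    for r in csv.DictReader(io.StringIO(text)):
        start = datetime.fromisoformat(r["start"])
        end = datetime.fromisoformat(r["end"])
        rows.append({"user": r["user"], "source": r["source"], "start": start,
                     "minutes": (end - start).total_seconds() / 60})
    return sorted(rows, key=lambda s: s["start"])

def find_anomalies(sessions, min_history=3, work_hours=range(7, 19), long_factor=3):
    """Compare each session with that user's earlier sessions only."""
    history, findings = {}, []
    for s in sessions:
        past = history.setdefault(s["user"], [])
        reasons = []
        if s["start"].hour not in work_hours:          # assumed 07:00-18:59 working day
            reasons.append("outside working hours")
        if len(past) >= min_history:                   # need a baseline before judging
            if s["source"] not in {p["source"] for p in past}:
                reasons.append("new source address")
            if s["minutes"] > long_factor * median(p["minutes"] for p in past):
                reasons.append("unusually long session")
        if reasons:
            findings.append((s["user"], s["start"].isoformat(), reasons))
        past.append(s)
    return findings

if __name__ == "__main__":
    for user, when, reasons in find_anomalies(load_sessions(AUDIT_CSV)):
        print(f"{when} {user}: {', '.join(reasons)}")
```

Because each session is judged only against that account's earlier sessions, a third-party account that suddenly connects at night from a new address stands out on the day it happens rather than months later.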
Small and mid-sized businesses carry the same security obligations as large enterprises, and their data can be just as valuable to cyber criminals. By following these steps, their IT departments can still deliver exceptional service and protect their organizations from security threats without the resources of a larger organization.
(About the author: Sam Elliott is director of security product management for Bomgar.)