How to develop your SMB’s multi-layered approach
It’s essential to have a proactive approach to IT Management and Cyber Security today. If you still rely on reactive measures, you are leaving a vulnerable back door open, and one day it may be too late to close it.
When it comes to IT services, you know that the only constant is change. That means the services you offer today will have to change for tomorrow. So, what are the biggest issues on the horizon? “Security tops the list, followed by SDN, IoT, and edge computing,” says Steve Zurier, citing a recent survey by Enterprise Management Associates (EMA) in TechTarget.
In this four-part series on The New Cyber Needs, we look at each of these evolving service needs, and what you should do to prepare.
SMB Security for Tomorrow
Part of the reason that security stays so close to the top of the list is that it’s a problem that’s always evolving. “With each passing year, the threat landscape becomes more dangerous,” Zurier says. He describes new enterprise security solutions that go beyond a firewall to add multiple layers of protection. In PC Magazine, Juan Martinez and Oliver Rist echo the need for a multi-layer solution, saying that direct hacks have become more sophisticated but automated attacks have become much more prevalent:
Much of today's malware simply crawls the internet looking for open vulnerabilities, so if you've left holes in your digital fence, sooner or later those robo-bad guys will find them. The best defense against this kind of auto-barrage is a layered approach to business security…
"SMBs need to stop thinking they're the target," said Liviu Arsene, Senior E-Threat Analyst at Bitdefender. "More than anything, SMBs need to be concerned about their clients. The SMBs might not be the end of where the attackers are going to go."
Martinez and Rist go on to outline essential layers that every Small-to-Midsize Business (SMB) should consider to protect itself against today’s direct hacks and auto-attacks:
- Web Application Firewall (WAF): Firewalls are still the cornerstone of your security, giving you a tool to manage web portal and web app traffic, automatically blocking the known attack points and patterns while protecting legacy software or other known weaknesses.
- Spam Training and Anti-Spam Software: The best SMB approach to fighting spam might be user education—but that doesn’t mean it’s a minor issue, or that it only threatens uneducated users. There are thousands of successful Business Email Compromise (BEC) attacks each year, including one that made the Wired Magazine list of the biggest attacks in 2018: “the attack used carefully crafted spearphishing emails to trick professors and other university affiliates ... of the 100,000 accounts hackers targeted, they were able to gain credentials for about 8,000."
- Keep Software Up-to-Date: Web browsers and operating systems are common targets for hackers, and their regular software updates guard against the latest threats. Be sure to install these updates—automatically, as long as the updates won’t create incompatibilities or issues with other systems. Midsize businesses might consider a patch management system to help allocate updates by user, device, or application.
- Endpoint Protection Software: Traditional antivirus products monitor individual devices and applications. But endpoint protection software is like the good-guy counterpart to those auto-attack bots. Endpoint protection constantly crawls your network’s firewall, web browsers, operating systems, and other applications to ensure that everything is up-to-date and protected. It alerts you when it finds vulnerabilities—or even solves them automatically.
- Next-Generation Firewalls (NGF): Your WAF protects your web portals and apps from incoming threats, but an NGF monitors both incoming and outgoing traffic for suspicious activity. An NGF can help you spot unusual app or bandwidth usage by an individual or group. Some NGF solutions are on-premise and some are cloud-based—since all of your traffic flows through this firewall, test an NGF to make sure it won’t cause performance issues.
- Backup and Recovery: You need a Plan B. You need a commercial backup solution that can guarantee your information can be recovered. For many businesses, that information is as valuable as the contents of their bank accounts. Make sure it’s secure. It’s a good idea to run a separate daily, weekly, and monthly backup, each storing data in different locations. There are many cloud-based solutions that make this easy for an SMB. You might want to consider a Disaster Recovery solution as well, if you run on-premise systems that would take a lot of time to reload and restore.
- Mobile Device Management (MDM): MDM tools let you locate and clear a laptop, tablet, or smartphone if it’s lost or stolen. Many also give you options to configure some of the settings and documents on these devices—even separating this information from personal information on the device.
- Identity Management: If your users have multiple passwords for multiple work systems, you might want an identity management system that gives them an automatic single sign-on (SSO) and provides extra access security. These tools also let you establish minimum password standards and configure multi-factor authentication (MFA) if you like.
Taking Security to the Next Level
Martinez and Rist close out their recommendations with one more that applies to SMBs that have become real targets for direct hacks. It’s what they call “the honeypot trap”: “servers or computers loaded with phony data that are designed to attract the attention of hackers. They are typically less secure than the other systems in your network … this is a great way to set a mousetrap for intruders.” But this is a trick for the professionals. You’ll want an expert to design and implement this kind of approach.
The key thing to understand is that the security game has changed, and it will keep changing. Surviving one attack doesn’t mean your defenses are secure. It might actually be a sign of more to come. “While organizations are still using single-focus solutions to combat specific attacks, attackers are striking across multiple layers, using their initial compromise to establish a beachhead, from which they can launch subsequent attacks,” says Linda Misauer at Business 2 Community. “The target is everybody and everything! Attackers throw a wide net, hoping for any takers. Organizations need to be prepared on all fronts,” Misauer says.
A One-Source Solution
All of these security layers might seem like a tangle of complexity and overlapping solutions. As your business looks to expand its IT infrastructure, you may be concerned about whether you can meet the increasing security risk. It can be challenging to build and maintain in-house security expertise that is prepared for ever-changing threats.
The need for an evolving security platform is one great reason to consider outsourcing your IT and its maintenance to a trusted service management team. When you outsource all or part of your IT, you have quick access to established professionals who are ready around the clock. Because hackers don’t take a night off.
To talk about outsourced IT infrastructure for SMBs, network operation center (NOC) monitoring, patch management, and more, contact us today.
Maintech was founded in 1973 as a Third Party Maintenance (TPM) company delivering IT Hardware Maintenance services to the Financial Services and Telecommunications marketplaces. Over the years, Maintech has evolved into a truly Independent Services Organization (ISO) delivering a comprehensive portfolio of single-source Managed Services for IT Infrastructure Support including Hardware Maintenance, NOC Monitoring, Server and Network Administration, Cloud Services, Help Desk, IT Asset Management/Destruction and many more. Maintech serves customers ranging from the SMB to the Fortune 100 global enterprise marketplace. Collectively, Maintech and its sister company DecisionOne, represent the largest IT Infrastructure Services-only company in the market today.