Look around any modern small or medium business (SMB) and you will see how critical IT solutions are to business success. IT seems to matter to small and medium businesses. Yet those very same businesses treat the security of these IT solutions as an onerous requirement.
This lack of sophistication in most SMBs’ security stance means they have become a lucrative and easy target. Without sufficient defenses in place to protect against, detect or react to cybersecurity attacks, it’s no surprise that more than 61% of SMBs (2017 Ponemon Institute Study) have been breached in the last 12 months.
SMB security today is focused on just protect, pray and then react
Today most SMBs’ approach to any kind of attack – which includes data breaches – is a reactive one. Think about it: in every kind of attack-related scenario – whether an external attack, an insider threat, malware infection, ransomware attack, etc. – the “business as usual” methodology is to detect the attack/infection and then to react with an incident response plan.
The problem with this methodology when considering a data breach is that the average cost/record in a data breach (which includes the cost of investigation, legal, PR, remediation, etc.) is $141 – that’s per record (2017 Ponemon Institute Study). So even a “small” data breach of only 1000 records will cost an average of $141,000.
It’s simply not cost-effective to just put the barriers up and pray.
Avoid data breaches with a layered defense
What’s needed is a far more proactive approach – one that uses a layered security strategy, detecting suspicious activity at each step of the breach “process”, and putting a stop to a potential breach as early in that process as is possible.
At a high level, your proactive approach to thwarting data breaches is accomplished by protecting your most valuable data at a few levels:
Vulnerability Protection – The bad guys need to get in somehow, and known vulnerabilities are a prime target. Ensuring operating systems and applications are patched is critical. Sure, this may seem rudimentary, but the reality is that even in environments believed to be completely patched, vulnerabilities still exist, giving attackers entry to your network.
Threat Protection – Should an attacker get in, you need to have a way to stop them before they can do anything truly malicious. Antivirus, endpoint protection, and application whitelisting are just a few types of security solutions that can neutralize a threat the moment it rears its ugly head.
Environment Protection – Attackers can’t succeed without first logging on to the system containing the data of value. Having some kind of logon monitoring in place will provide you with leading indicators that misuse of credentials is in play – well before an actual breach occurs.
Data Protection – You need to assume the bad guys can get past the first three layers. If they do, you need a way to keep tabs on the data you deem worthy of stealing (and keep in mind, it may not just be your customer or credit card data; even your upcoming press releases can be used for insider trading if you work at a publicly traded company). This means using file-level or application-based auditing of access to identify and notify IT of improper access the moment it starts.
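To make the logon monitoring described under Environment Protection concrete, here is an added example (not part of the original article) that scans logon events for two leading indicators of credential misuse: a successful logon right after repeated failures, and a first logon from a host the account has never used. The log format, account names, host names and thresholds are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events: timestamp, account, source host, result
SAMPLE_LOG = """\
2024-03-04T08:58:10 alice WS-014 success
2024-03-04T09:01:44 bob WS-022 success
2024-03-05T09:03:02 alice WS-014 success
2024-03-05T23:40:11 bob WS-022 failure
2024-03-05T23:40:19 bob WS-022 failure
2024-03-05T23:40:31 bob WS-022 failure
2024-03-05T23:41:02 bob WS-022 success
2024-03-06T02:15:47 alice SRV-FILE01 success
2024-03-06T09:00:12 alice WS-014 success
"""

def find_logon_indicators(log_text, max_failures=3,
                          window=timedelta(minutes=5),
                          work_hours=range(7, 20)):
    """Return (timestamp, account, reason) tuples for suspicious logons."""
    known_hosts = defaultdict(set)        # account -> hosts with past successes
    recent_failures = defaultdict(deque)  # account -> recent failure times
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts_raw, account, host, result = line.split()
        ts = datetime.fromisoformat(ts_raw)
        failures = recent_failures[account]
        # Forget failures that fell out of the sliding window.
        while failures and ts - failures[0] > window:
            failures.popleft()
        if result == "failure":
            failures.append(ts)
            continue
        # Indicator 1: success straight after a burst of failures.
        if len(failures) >= max_failures:
            alerts.append((ts_raw, account, "success after repeated failures"))
        failures.clear()
        # Indicator 2: first successful logon from an unfamiliar host.
        if known_hosts[account] and host not in known_hosts[account]:
            reason = "first logon from new host " + host
            if ts.hour not in work_hours:
                reason += " outside working hours"
            alerts.append((ts_raw, account, reason))
        known_hosts[account].add(host)
    return alerts
```

On the sample data this raises two alerts out of nine events; routine logons from each account's usual workstation stay silent.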
Choose enterprise caliber security with SMB sensitivity
All small and medium businesses battle against a lack of time and resources. But the data they are protecting is no less sensitive, and the potential disruption caused is no less serious. As an SMB builds a layered defense, it needs to choose solutions that offer enterprise caliber defense in terms of focus and effectiveness, but with SMB sensibilities in terms of implementation and use.
Here are 7 criteria an SMB should look for:
Limited Administration – Most small and medium sized businesses do not have a sizable IT team. Security solutions with ‘stickiness’ tend to be simple to implement and intuitive to manage.
Automated Controls – Should something fall outside a set of established restrictions, your solution should automatically take action before the damage is done – not only when IT intervenes.
Intelligence – Solutions that just offer information result in the need to hire a watchdog. Choose intelligence and insights that can help spot and stop a breach.
Accurate – SMBs cannot take a lot of false positives. There is no time to chase down 50 alerts a day.
Cost effective – If you agree with the ‘when’ not ‘if’ premise, then you already know your security strategy is incomplete and requires more investment. Security doesn’t have to come at a high cost – but it does have to be effective in relation to its cost.
Non-disruptive for IT – Solutions that work alongside existing infrastructure don’t frustrate IT teams.
Easy adoption – If security overwhelms and stifles productivity, users can’t do their job and the solution is already dead on arrival. Security should be behind the scenes, protecting the users and the environment until the moment the user is truly conflicting with security protocol.