With limited security budgets and overworked IT teams, small and midsize businesses (SMBs) are an obvious target for cyberattacks. As a business grows and its software systems scale, so do its vulnerabilities and attack surface. Nearly half of all cyberattacks target small businesses for this very reason, and 60% of those attacked go out of business within six months.
Most business leaders know their IT security systems are lacking, but overhauling and improving them is a daunting task, and many simply don't know where to start. Here are five tips for SMBs to establish a security strategy and protect their assets.
1. Be honest in your assessment.
The first step to addressing vulnerabilities is understanding them. A robust security assessment should encompass all IT systems and business processes, identifying the most vulnerable aspects to attack and the most critical assets for the business. Consider implementing security assessment software, which should not only identify vulnerabilities, but provide clear, concise benchmarks and offer recommendations to lower the risk of attack.
When weighing the options, effective security assessment tools should have the ability to identify the following:
- External vulnerabilities that could allow malicious actors to gain access to the network
- Flawed outbound protocols, which may leak sensitive data
- Inadequate web browser controls
- Wireless network vulnerabilities
- Network sharing and user access permissions
2. Time is money: Automate patching to reduce risks quickly.
Most recent cyberattacks have been caused by inadequate or delayed patching. Establishing and maintaining patch management process is a key aspect of overall security, but with small, multifunction IT teams, often without dedicated security personnel, many small businesses struggle to manually patch vulnerabilities in a timely manner. Automated patching, on the other hand, is a cost-effective alternative to patching manually and greatly reduces the risk of prolonged patching processes, which allow hackers to take advantage of known vulnerabilities.
Kaseya's 2019 State of IT Operations Survey data showed that automated software patch management is a key area for improvement in most SMBs. Only 42% of respondents automate or plan to automate patch management and, similarly, just 42% monitor third-party software and apply critical patches within 30 days. Given that big security breaches are frequently a result of failure to patch in a timely manner, automated patching stands as a significant area for improvement for more than half of respondents.
3. Strength in numbers: Make multifactor authentication (MFA) a priority.
While it may seem comical, weak passwords — such as the painfully obvious "password" — are a major security risk and a leading cause of data breaches. WeWork, a shared workspace company, recently came under fire for using a "laughably weak" password in its national and international locations, which put thousands of customers and their sensitive data at risk. Old, weak passwords are ripe targets for brute-force attacks, where hackers use bots to systematically try to enter every possible password until they "guess" correctly.
MFA is a simple way to dramatically reduce the risk of unauthorized access by requiring an additional form of identification, typically in the form of smartphone app or token, which is commonly known as two-factor authentication (2FA). Over 80% of data breaches in 2017 were caused by hacked passwords, many of which could have been prevented by simply installing an identity and access management solution with 2FA.
4. Be aware of threats from within.
Insider threats are another common source of security breaches that can be difficult to detect and are typically unaffected by traditional antivirus and antimalware tools. While many insider threats involve malicious attacks, employee negligence is also a contributor. Because the actors already have access to the system, it's critical for small businesses in particular to identify and respond to issues that may indicate an internal threat.
Specialized software is required to monitor and flag signs of insider threats, which include:
- Suspicious, unnecessary, or unauthorized logins
- Changes to user permissions or device access
- New or unrecognized devices on restricted networks
- New installations on locked or restricted systems
5. Back up your systems — all of your systems.
Ransomware, which denies users access to their systems until a ransom is paid, is a favored tool for hackers seeking financial gain. While large companies, states, and even local city governments recently have fallen victim to ransomware, small entities make ideal targets because they're less likely to have adequate security and backup systems in place, and more likely to fork over the money. Today's distributed software architectures offer hackers a multitude of critical systems and data lakes that can be held for ransom, making a business continuity and disaster recovery solution a crucial aspect of any security strategy. Look for a solution that's capable of securely backing up every system in the IT stack, from on-premises to cloud.
Evolved malware and hacker capabilities coupled with the sheer number of vulnerabilities and points of access make an entirely secure system next to impossible for giant corporations and small businesses alike. There is, unfortunately, no one-size-fits-all strategy for securing a small business, but a robust plan and the implementation of new technologies such as automation will help you and your IT team sleep better.
- 7 Ways SMBs Can Secure Their Websites
- I'm an SMB. What Should I Watch for When Choosing Security Vendors?
- State of SMB Insecurity by the Numbers
- Assessing Cybersecurity Risk in Today's Enterprise
Check out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's featured story: "Chaos & Order: The Keys to Quantum-Proof Encryption"