Sam Elliott of Bomgar offers the top five insights for security service providers from the recent 2016 State of Cybersecurity in Small & Medium-Sized Businesses (SMB) study.
Most large enterprises are painfully aware of their security vulnerabilities and are proactively working to mitigate risks. But recent research has proven that small and midsize businesses (SMBs) don’t fully recognize how high the likelihood is that they’ll suffer an attack or the business implications surrounding such vulnerabilities. Moreover, they’re not fully aware of all of the facets of a well-rounded cyber defense. These days, it’s about way more than firewalls and antivirus software.
According to a recent Ponemon report, more than 50 percent of 600 SMBs in North America have been breached in the last year, and only 14 percent of these companies rate their ability to mitigate cyber-attacks as highly effective. In this environment, it’s clear that SMBs need protection against potential security threats with the same diligence as their enterprise counterparts. However, given their limited time and resources, it’s no surprise that many SMB security pros can quickly grow overwhelmed.
The Ponemon survey found that the chief security challenges facing SMB customers include negligent employees, contractors and third party vendors, unsuitable technologies and insufficient personnel and budget. IT admins are understandably confused as to the right mix of best practices and tech that will lead to a secure organization, and they need your expertise. There is no single solution to overcome these challenges, but there are immediate actions that can be taken to create a secure and reliable network – without having your customers break their budget or require an enterprise-size team to succeed.
When your customers come to you for help with security, here’s the biggest vulnerabilities to highlight, and how to explain what you can do to help protect their systems:
- Evaluate privileged users
The Ponemon study reported 59 percent of respondents have no visibility into employees’ password practices and hygiene. Because one of the biggest challenges SMBs face is negligent IT employees, contractors, and third parties, taking the step to evaluate these users is crucial. According to the study, 41 percent of breaches were caused by mistakes from third parties such as vendors and service providers, and another 48 percent were caused by a negligent employee or contractor. Too many admins grant permissions above and beyond what individual users need to perform their job functions.
Though it may take more time on the front end, it’s important to identify who these privileged users are, assess their IT permission levels, and make sure they only have access to the systems they actually need. Make sure you outline the requirements for application passwords, including two-tier authentication, regular changes to passwords and policies employees can follow to help safeguard them. It might seem like just a matter of common sense, but unless these processes are defined and outlined, employers can’t be sure they’ve effectively communicated requirements to users.
- Limit virtual private network access
One of the biggest trends in the modern workforce is the ability to work remotely. Millennials, in particular, are demanding flexible work environments in ever-increasing numbers. To accommodate this, many SMBs use virtual private networks (VPNs)—which are easy targets for hackers. VPNs are useful for allowing remote employees to access files saved on the network, for example, but are not designed to facilitate a connection from within the network to an external point. Despite this, numerous organizations use VPNs to grant access to vendors and other third parties. If the vendor is breached, cybercriminals can quickly exploit this VPN access and move around the network escaping further detection. Providers should suggest removing direct and unmanaged VPN access and replace it with managed privileged access.
- Block access to unsecured remote access tools
In response to limited IT budget and resources, SMBs may use free remote access tools to remotely troubleshoot users’ devices. The temptation for overwhelmed admins to rely on these unauthorized tools is understandable, but they are simply not worth the risk. Work to block access from these unfortunately commonly used tools which provide an attractive and easy pathway for hackers.
Standardizing on a centralized and secure tool for remote access is a critical step to addressing this security gap, and it’s an area that channel partners can unequivocally provide valued expert advice to customers that aren’t sure which tool is best suited to their unique needs.
In addition, if an organization outsources its IT support—a common practice among SMBs—it’s essential that the company ensures the support provider is utilizing a solution that fosters secure connections to sensitive systems and applications. Develop a list of authorized solutions or of requirements that the third-party tool must meet in order to be approved for use in your customer’s systems, and then insist that no exceptions be made. Compliance only works as a deterrent if it’s consistently applied to all users.
- Track Activity
In addition to blocking unsecure tools, implement a remote access solution that enables you to record and monitor third-party access to your customers’ systems. Having a record of how the technology is being utilized—and by whom—enables companies to have greater insight into what privileged users and other third parties are doing on the network.
As a bonus, providing regular reports that clearly detail where your customers’ security vulnerabilities lie and to what extent the solution you’re providing has helped protect them is one of the most surefire ways to create stickiness with your business relationships. You want to be able to point to something concrete that illustrates your value and convinces your clients that you’re best positioned to fill their security needs.
- Eliminate simple/shared passwords
The Ponemon report also found that 65 percent of respondents do not strictly enforce their documented password policies. Realizing this, SMBs should require every privileged user to have his or her own unique passwords. Replacing simple or shared login credentials is a small, yet strong initiative to protect network security. Taking it a step further, implementing multifactor technology as well as a Password Vaulting solution, in which you can securely use shared passwords, is also a security best practice. Ponemon correctly states that strong passwords and biometrics are necessary elements of an effective security defense. It’s time to begin enforcing stricter password policies, and therefore pushing for stronger IT security among employees.
While it’s never possible for your SMB customers to prevent against all the security threats facing them today, the steps outlined above can address some of the most common problems. Auditing the environment and setting parameters around what tools are used to access the network, by whom and in what ways is critical. By taking action, small and mid-sized businesses can reduce the risk of becoming the next victim of a security breach—and you can become an invaluable asset to their internal teams. Everybody wins.
Building a secure and reliable network is a team effort, and everyone has a role to play in order to ensure it stays that way.