Small and medium-sized businesses can no longer afford to take data security threats lightly, and believe that they won’t be affected by data breaches. While there are certainly bigger fish out there that hackers can fry, SMBs are actually becoming more attractive targets due to the general lack of protection put in place. According to Inc contributor Joseph Steinberg, about half of all cyber attacks now target SMBs. These organizations are more likely to pay ransoms, can provide access to other businesses, have valuable data and will have a more difficult time detecting an attack as it occurs.
If these numbers don’t scare you, the consequences of a breach should. Sixty percent of SMBs that experience a cyber attack shut down within six months, The Denver Post reported. The ransom payments, costs to recover, lost customers and damaged reputation all add up and can be easily avoided with the right protections. It’s easy for SMB leaders to believe that safeguards are out of their reach, but necessary tools are more available than they think. Let’s take a closer look at four ways that SMBs can secure their data at a low cost:
1. Set Up Automated Maintenance Schedules
Automated schedules can help with data security measures, by rolling out out updates and maintenance.
For organizations with a large number of machines or a small number of IT professionals, it can be difficult to ensure that hardware and software solutions remain up-to-date. Rackspace noted that organizations often spend 10 hours or more per month per server on patches and maintenance-related activities. This doesn’t even account for situations where it’s necessary to update each machine by hand and fix configuration issues. Because SMB personnel often wear many different hats, the individual in charge of IT maintenance might simply not have enough time to complete all of these upgrades, leaving systems open with vulnerabilities.
A solution to this issue is well within reach for SMBs. Organizations can leverage automated maintenance schedules to roll out updates without the need for manual execution. This will also ensure that hardware is inspected and repaired or replaced before any failures occur, mitigating potential downtime while ensuring that vulnerabilities are closed within essential systems. These scheduling solutions can also be used to automatically back up critical assets. Many of these types of solutions come at a one-time fee and the time-saving benefits more than justify the cost.
“Create a standard for system configurations across the most important infrastructure.”
2. Lock Down Critical System Configurations
Consistency is the name of the game when it comes to enforcing security measures. Everyone is responsible for ensuring that business data is secure, but humans are still prone to error. Rather than take the chance, IT teams can create a standard for system configurations to use across their most important infrastructure. This means that if staff download a malicious file by accident, install an unauthorized application or change settings, a reboot-to-restore solution can reset everything to its proper configuration, undoing any potential damage and quickly reinstating security.
Policies around critical system configurations should extend to mobile devices as well. As more employees move away from desktops in search of remote work opportunities, it will be vital to avoid shadow IT and control the hardware as much as possible. Digital Guardian suggested leveraging Virtual Private Networks to manage work data. SMBs can also leverage mobile device management solutions and create strong bring-your-own-device policies to keep costs down and fortify data security measures.
3. Application Control
In addition to locking down system configurations to ensure data security, SMBs should look to leverage application control solutions. This will be especially important to implement across mobile devices including smartphones and tablets. Infections targeting mobile devices are on the rise, with Android smartphones being the largest focus for these malicious campaigns, Network World reported. Nokia’s 2016 Mobile Threat Intelligence Report noted that at the beginning of last year, only 600,000 Android malware samples were in its database. By the end of 2016, 12 million strains had been identified.
Teaching employees how to spot suspicious apps and when to deny data access is a good first step, but application control will give SMBs peace of mind. Malicious programs are becoming more sophisticated to appear legitimate. In addition, dangerous software is easier to create than ever before. With a Trojan Development Kit, attackers simply have to follow the instructions and fill out forms to get a custom ransomware app for distribution without having to write a single line of code, according to ZDNet. Application control ensures that malicious and unapproved programs are blocked from executing in ways that put business data at risk. Pairing this with a monitoring tool will help block sensitive information from being accessed by dangerous programs as well as quickly identify and mitigate unusual behavior.
Anti-virus can protect against common threats.
Anti-virus is a proven measure when it comes to detecting and eliminating the most common threats. In addition, there are a number of anti-viruses that SMBs can get for free or as part of a package with other security tools. Forbes contributor Monty Munford noted that anti-virus solutions have evolved over time to protect consumers and businesses. Vendors now have more than two decades of experience constantly innovating and updating anti-virus products, while ensuring they are cost-effective and easy to use. Anti-virus still has a place in business security strategies because each SMB has a different level of digital and computer literacy, but anti-virus transcends these boundaries.
“I’ve worked in this industry for 10 years and seen a lot of changes and there will be more to come,” industry expert Paul Lipman told Munford. “But, don’t forget how anti-virus products managed to keep the internet going during the years when it was most vulnerable. I really think it still has a huge role to play in protecting the consumer.”
SMBs go up against a lot when it comes to managing resources and ensuring that they’re protected effectively from evolving threats. By layering cost-effective security measures like anti-virus, reboot-to-restore, application control and automated maintenance schedules, SMBs can set their protection strategy up for success without breaking the bank. For more information on how SMBs can ensure data security at a low cost, contact Faronics today.