CLIENT: NETWORK BOX USA
May 2012: PC Today
The truth concerning SMBs and security, says Pierluigi Stella, CTO of Network Box USA (www.networkboxusa.com), is that unless it's required or mandated to maintain standards, "too many SMBs don't do much at all with security." Many "barely have a firewall and some antivirus on the desktop," he says, and underestimate the need for more security. IPSs (intrusion protection systems) are rare, content filtering is lackluster, and VPNs (virtual private networks) aren't commonly used—and this is just at the gateway. At the network and desktop levels, he says, true endpoint security is rare and end users are relied upon to perform updates but instead turn off antivirus protection because, they claim, it slows down their computers.
Considering that well-organized, well-funded cybercriminals are currently launching more malware than ever, and mobile devices, social networking, and wireless networks are introducing more security risks for businesses, this lack of security is alarming. More than ever, SMBs should be diligently monitoring and maintaining stealth security protection.
Several factors have significantly changed the security landscape in recent years for SMBs. As Secure Technician (www.securetechnician.com) CEO Monte Robertson says, "Threats and attacks are becoming targeted and stealthy as opposed to widespread headline grabbers. People think they are safe because they don't see a problem, and that's exactly what the hacker wants."
Stella says the flood of malware has become unstoppable, increasingly taking aim at employee-owned devices and wireless networks. Additionally, attacks are sometimes born from users unintentionally disseminating private data on social networks, and social networks have become malware sources. "We no longer talk about script kiddies," Stella says. "We talk about organized crime; we talk about hackers as a business, with objectives and budgets."
Jacques Erasmus, Webroot (www.webroot.com) chief information security officer, says that with increased use of Internet-connected mobile devices, "the threat landscape will show no signs of slowing down." Thus, security solutions for SMBs will "reflect those changes by leveraging the cloud to deliver more effective protection against zero-day threats, automatically protecting employees and all their devices."
Mobile devices are "where the market is going," Robertson says, and hackers go where the market does. Thus, mobile-specific security solutions are increasingly available to SMBs. Solutions should be able to locate lost or stolen devices, remotely lock or wipe data, and protect against viruses and spam, Robertson says. He also recommends enabling data encryption for mobile devices.
If allowing mobile devices on your network via local wireless connection, Stella says, ensure the connection is "kept separate from your LAN and there's some sort of filter in between—firewall, IPS, AV scanning." Many antivirus companies, he says, provide mobile-specific malware signatures. "Ensure your filtering device has that so your mobiles are protected, and if they're already infected, you'll be alerted and be in a position to take appropriate action." For mobile devices used outside the company network, use VPNs to connect to the LAN, and "never allow clear text open connections," Stella adds.
Erasmus says that "even having employees in remote offices makes it harder to manage security settings such as Web and email content filtering if you're using an on-premise security solution." Cloud security solutions, he says, are more effective than on-premise solutions for securing mobile devices because "they extend protection to the Internet layer instead of securing a perimeter that no longer exists."
For SMBs with limited resources, outsourcing security can be a better option than maintaining security in-house. Typical SMB IT departments have a few people handling many responsibilities. "Security is not their main focus, nor is it their expertise," Erasmus says. "Protecting a business network in today's quickly evolving threat environment is a full-time job, and it requires a dedicated security expert who can focus on threats in real time," a luxury SMBs often can't afford. Factor in more mobile workers, he says, and IT managers must seriously question the effectiveness of on-premise security.
Stella says security experts who command high salaries are currently in high demand, so it's not realistic for SMBs to retain a security professional long term. Moreover, "a single security professional cannot protect a company, no matter how small," he says. "Security as a process is something that requires 24/7/365 dedication" and "a visibility of the Internet that a single person managing a single device can never have." Foremost, he says, SMBs should consider outsourcing for the monitoring and management of a UTM (unified threat management) device protecting the perimeter.
If outsourcing security, ensure the provider maintains a response center that monitors the entire Internet and creates real-time signatures for up-to-date protection of its security devices, Stella says. Many companies underestimate security's potential impact on the business's overall performance, Stella says, and allow a network engineer to oversee security. "Network security and network diagrams aren't one and the same," he says. "Knowing 'the language' to configure a firewall does not make one a security expert, but it makes one dangerous enough to cause possible damage," which could prove costly to the company.
Erasmus recommends solutions targeted at your sector. "A lot of enterprise-based security solutions are heavyweight solutions that require constant management," he says. Most SMBs can't afford these, he says, and should eye lightweight alternatives that don't require massive management resources. "This will give them the best protection with the least drain on their teams," he says.
At a minimum, Stella says, every business should have a firewall, IPS, gateway email protection, Web filtering, and VPN. Purchasing these tools separately, however, is costly initially, is hard for SMBs to maintain, and requires expertise that may be unaffordable. Consequently, he says, there's a real risk of spending money for nothing if the tools are not configured or are configured incorrectly. Conversely, obtaining these tools in one UTM device is a viable alternative, he says. "I cannot stress enough the importance of using a good UTM to protect your perimeter. Don't forget antivirus at the end points, use VPNs when connecting remotely, but also use security best practices in everything you do," he says.