New malware protection innovations, such as software-defined security, are becoming increasingly accessible to small and midsized businesses (SMBs) through their data center providers, but discussion continues about how these solutions can be deployed most effectively. Hackers aren’t waiting for these issues to be ironed out before planning their next breach. However, there are immediate steps SMBs can take to protect their sensitive data while planning long-term security strategies.
SMBs, especially in the retail and BFSI (Banking, Finance, Securities, Insurance) sectors, are responsible for protecting data as sensitive as the information held by large organizations and providers, but lack the same level of IT resources. Given the false but widespread notion that hackers and malware writers overlook SMBs in favor of headline-making massive breaches, organizations might be tempted to relax security measures, which makes them a more vulnerable and likely target. “In 2013, 61 percent of targeted attacks were aimed at small and midsized companies; 31 percent of those were midsize companies,” says Kevin Haley, director of product management for Symantec Security Response. “Smart companies will be looking to take extra precautions to protect their Point of Sale (POS) systems.”
Skirting large financial institutions’ complex IT security infrastructure, hackers may attempt to access SMB bank accounts via the less resistant route of ferreting out possibly insecure login credentials. Unlike consumers, who are covered by consumer protection standards, SMBs are not reimbursed by their bank if their funds are stolen.
“At the very least, businesses have customer data that attackers are after. Not all breaches are after credit card data,” says Haley. “In fact, the top information stolen from companies is not credit cards, but customer names, addresses and government ID numbers. This allows attackers to steal identities. These can be more valuable to attackers than a credit card, which can be easily changed. A person trying to change their name and address is not so easy, and customers will long remember the company that put them through the cost and effort of fixing an identity theft.”
Although cloud-based software-defined security for SMBs and their providers is a recent and still-evolving capability, virtualized security point products are gaining broad acceptance as an agile data protection option for SMBs. “The best thing they can do is to look to deploy security solutions that can help them address threats across the attack continuum, before, during and after the attack, while not adding management and investigative burdens,” advises Jason Brvenik, principal engineer for Cisco’s Security Business Group. “The most affordable technologies which enable this are often cloud-based, available as a subscription and are intended to remove the burden of keeping up with threats that are a daily task for larger organizations.”
While exploring cloud-based and other long-term security strategies, Haley says, SMBs should teach and emphasize to their employees the cybersecurity fundamentals that are easily overlooked or not strictly enforced by an organization’s IT staff, which might be occupied with other technical issues. His recommendations include installing an integrated security solution on all devices and email servers, requiring employee passwords to be alphanumeric combinations that are changed at regular intervals, and backing up systems, files and applications daily to an off-site location. He advises SMBs to keep their currently implemented security software effective by downloading the programs’ latest updates and applying patches promptly to close vulnerabilities. Consistent updating “will help prevent security holes that act as doors for malware to gain access to a system,” Haley says. “The ability of the Conficker worm to spread so widely early last year was due in large part to so many systems not having a simple patch applied—a patch that was made available months before the outbreak ever occurred.”
Haley also recommends workplace education about clicking on links within emails (a common method of spreading malware), using file-sharing applications and downloading free programs that might inadvertently contain malware. “Require that employees have their own individual user accounts and have access only to the information and applications they need to do their jobs,” he adds. “This will ensure that if an attacker is able to infect a user’s machine, they likely won’t be able to gain access to the entire infrastructure.”
Any security strategy an SMB chooses should be agile, Brvenik says, and should come with the understanding that, no matter how well protected the organization is, breaches will remain a possibility. “A strong focus on the reduction of the overall management burden and integration into business process and outcomes is a requirement. Supporting services from a qualified partner or service provider should be readily available for these products. Most importantly, it should be understood that not all attacks can be prevented all the time, a retrospective capability to respond once a compromise is known is essential to maintaining business continuity and minimizing any possible impact.”