By Jack M. Germain
Sep 17, 2020 9:54 AM PT
The stampede from offices to working from home has strained IT security teams to their limits. As a result, SMBs find they need to get more bang for fewer bucks to fight off cybersecurity threats.
Network security firm Untangle on Sept. 8 released the results of its third annual SMB IT Security Report. Polling more than 500 SMBs, the report explores major barriers for managing IT security. The results reflect the growing challenges the pandemic caused in forcing massive shifts to remote work.
Nearly half of IT pros have altered their security plans as a result of large-scale breaches reported in the media. The report shows that IT teams, in addition to protecting their organizations from increasing cyberattack risks, must also contend with the unintended consequences of the coronavirus pandemic.
The survey revealed that as businesses consider more permanent plans for their employees, 56 percent will continue to have some employees work from home permanently. Another finding shows 38 percent of SMBs allocate US$1,000 or less annually to their IT budget.
SMBs are proactively putting tools in place to combat attacks. They are able to limit their vulnerabilities even though they continue grappling with limited security budgets and resource constraints.
However, dealing with these challenges during a cross-industry WFH shift has created gaping vulnerabilities within their networks. This adds another challenge to already overburdened IT departments.
“As the abnormal becomes our new normal, SMBs need to approach remote work by using a combination of cloud-based applications and on-premises solutions to keep employees and systems safe, and ensure business continuity,” said Scott Devens, CEO at Untangle.
SMBs should be looking for technologies that incorporate multilayered network security tools and hybrid network infrastructure, such as SD-WAN, to avoid large-scale network vulnerabilities, regardless of budget and resource size, he suggested.
This survey revealed a critical takeaway about the changing cybersecurity climate the pandemic thrust upon SMBs, warned Joseph Carson, chief security scientist and advisory CISO at Thycotic.
“The report is clear that SMBs do become victims of cyberattacks and that it is better to invest upfront rather than try to survive in a post cybersecurity incident,” he told TechNewsWorld.
If SMBs stick to their tight budgeting restrictions for their IT departments, they could find that some of the $1,000 ceilings they put in place can be eaten up for cyber insurance.
Cowbell Cyber’s recent survey revealed that 65 percent of SMBs will spend more on cyber insurance in the next two years, according to Isabelle Dumont, the company’s vice president of market engagement.
“Subscribing to a standalone cyber policy is always a great step for SMBs to get financial protection against a wide range of cyber incidents and gain access to expert security resources when an incident actually occurs,” she told TechNewsWorld.
A growing number of SMBs continue to do more with less, according to the report. This year’s 38 percent budget adjustment noted above compares to 29 percent last year and 27 percent in 2018. Further, 78 percent of SMB employees are temporarily working remotely with an anticipated 56 percent suggesting some positions will be permanently remote moving forward.
Nearly half (48 percent) of the surveyed organizations operate in more than two locations, making SD-WAN an ideal infrastructure. SD-WAN allows small businesses who are operating in multiple physical locations and using bandwidth-intensive applications, such as voice over IP tools (VoIP), Zoom, or Salesforce, to take advantage of this technology.
Doing so allows SMBs to increase branch office network security. It also lets them increase Internet efficiency and decrease IT spending.
For nearly one-third (32 percent) of the responding SMBs, budget restrictions are their greatest barrier. That result is the same as last year.
Nearly one-quarter (24 percent) said their biggest challenge is employees who do not follow IT security guidelines. Limited time to research and understand emerging threats was the biggest cybersecurity protection barrier for only 13 percent of SMBs responding to the survey.
Fight More Threats, Spend Less Money
IT departments, even with limited resources, can implement foundational strategies to address network security issues and lay the groundwork for future investments, noted Untangle in citing some of the significant findings. The survey revealed effective strategies SMBs employ with their limited budgets.
For example, SMBs rank firewalls (82 percent), antivirus protection (57 percent), endpoint security (48 percent), archiving management and backup and VPN technologies, (47percent), and Web filtering (40 percent) as their most important features when considering which IT security solutions to purchase.
A majority of SMBs find economical solutions in the cloud. For instance, SMBs have adopted a hybrid on-premises/cloud-based IT infrastructure for business applications. A solid majority (71 percent) have their firewall on-site rather than in the cloud.
Nearly half (45 percent) of SMBs said they have adjusted or reevaluated their IT security roadmap based on recent security breaches and ransomware attacks. Of those SMBs surveyed who experienced a data breach within the last 12 months, 15 percent were able to stop the attack or any unauthorized access before sensitive data was extracted.
Cutting Cybersecurity Corners
This year, Untangle asked SMBs to rank the features they consider important when purchasing or considering an IT security solution, according to Heather Paunet, vice president of product management at Untangle. One of the lower-ranking options was identity access and management.
“This is especially important now as employees may either be in the office, working remotely, or a combination of both. Having identity access and management solution, such as Directory Access or Captive Portal, can help IT teams ensure that those who are logging into the network have the correct credentials to do so,” she told TechNewsWorld.
This ranking mirrors another finding by Varonis in their 2019 Global Data Risk Report, she noted, where 53 percent of companies have over 1,000 sensitive files open to every employee in the company.
“As an SMB, many files should be segmented based on employee department or credentials, so it is even more important to have a verified identity access system in place,” she explained.
One of the most startling findings in Untangle’s SMB security report is that employees’ actions have become the second-highest ranked barrier to cybersecurity for SMBs. In its 2019 SMB IT Survey, employees’ behavior ranked as the third-highest barrier, and in 2020 they have become number two.
“This is dangerous because many times employees are the frontline to preventing a cyberattack. If employees are not following IT security guidelines, especially with simple things like VPN connectivity, identifying emails that look suspicious, or malicious links that lead employees to a fraudulent website, then that means other protocols are falling to the wayside,” added Paunet.
For any SMB looking to create a multi-layered security solution, including employees as a foundational pillar of cybersecurity is necessary, she asserted.
One additional observation Paunet noticed in the SMB security analysis was the pace of new technology adoption has slowed down this year compared to last year. The number of SMBs who are deploying their firewalls in the cloud has decreased from 2019 to 2020,.
“With SMBs relying more on cloud-based applications such as Salesforce, Slack, G Suite, and Microsoft 365, it is interesting to see their cloud-based firewall deployments decrease. It is uncertain whether the current focus on pandemic restructuring or business limitations have delayed this technology adoption, but the decrease is noticeable,” she cautioned.
The Hidden Cost of Skimping
Cybersecurity skimping starts with an organization having an incomplete picture of the organization’s IT footprint, noted Cowbell Cyber’s Dumont. That can lead to severe security blind spots.
Getting a better understanding of security priorities should not mean needing to hire a security consultant, suggested Mark Kedgley, CTO at New Net Technologies (NNT). Plenty of effective cybersecurity controls should be adopted.
“Many of these do not necessarily need to eat into IT budgets,” he said.
For example, establishing a hardened build standard will provide protection against the attacks highlighted like phishing and ransomware. Hardened, secure configuration guidance is available for free from NNT and the Center for Internet security.
Vulnerability scanning and patching can also be done on the cheap, he added. Some vendors, including Greenbone Networks, still offer a free vulnerability scanner via the Greenbone Community Edition.
Finally, DDoS protection can be overlaid on any website using Cloudflare’s Free Plan, Kedgley suggested.
SMBs are mostly leveraging free, built-in security solutions that come included with existing solutions, rather than investing into dedicated security solutions, according to Thycotic’s Carson.
“This means that they are running blind when it comes to threat intelligence with the hope that they will be lucky and avoid becoming a victim of a cyberattack. They use the ‘do just enough’ approach because resources are limited and there is never enough time to spend on security,” he told TechNewsWorld.
Meet Minimum Security Standards
Untangle’s Paunet recommends that the minimum IT protocols that SMBs should deploy are credential-based VPN connectivity. They also need a next-generation firewall.
With credential-based authentication, SMBs, no matter how small, can connect to the network with a secured link, via VPN, and then consistently remind employees to update their credentials. That leaves them less susceptible to cybercriminals, she explained.
A next-generation firewall, with advanced web filtering and virus protection, can then provide layered security for the incoming and outgoing Internet traffic, noted Paunet.
Cowbell Cyber’s Dumont suggested multi-factor authentication (MFA) for all administrative accounts and for email is a must.
“It is free and takes seconds to set up, especially on cloud services. Many other security resources for SMBs are free,” said Dumont.
Besides firewalls, NNT’s Kedgley added the need for antivirus, backups, and web filtering. He said that the must-have list should include regular vulnerability scanning and patching, together with configuration hardening. He said also essential are non-negotiable security practices for every size of the organization.
“SMBs should invest in strong Identity and Access Management solutions as they not only help reduce the risks from unauthorized access, they also help SMBs scale better when they grow,” said Thycotic’s Carson in rounding out the minimum required security measures for SMBs.