Why SMBs and MMEs Can’t Rely on the Perimeter, but Need Layered Security

In a recent eBook, Best Practices To Protect Your Company’s Data and Infrastructure Through Layered Security, Kaseya and Kaspersky Lab detailed what SMB and MME IT shops can do to truly protect themselves.

The basics offer frontline protection. Firewalls, antivirus, anti-malware, and password policies are a great start. The bad news is that the bad guys have been either cracking or bypassing these defenses for years. It’s old hat.

Two intertwined concepts have taken hold to deepen those defenses. One is layered security; the other, which is often used to mean the same basic thing, is defense in depth.

Fortunately, Kaseya and Kaspersky Lab are partners in supporting both definitions of deep security. In fact, Kaseya VSA, an end-point management solution, is deeply integrated with Kaspersky’s antivirus software.

To help IT pros understand the issue more deeply, Kaspersky Lab crafted the eBook, “Cybercriminals: Unmasking the Villain.” Kaspersky regularly surveys customers and tracks not just viruses, but also how hackers create and exploit vulnerabilities. One dramatic but not altogether shocking revelation is that SMBs are a frequent hacker target, partly because the criminals know that SMB defenses aren’t as fierce as those of their enterprise brethren.

Some of the key Kaspersky findings:

  • 31 percent of all cyber-attacks are directed at businesses with fewer than 250 employees.
  • 42 percent of confidential data loss is caused by employees — often well-meaning employees opening unauthorized email attachments, forwarding sensitive information or storing data insecurely.
  • Hacking a small business to get into a larger business is now standard operating procedure for cybercriminals.

The lesson here is that SMBs need state-of-the-art security practices, and one route to these is through managed security services.

Whether you contract with a managed security services provider, or do it on your own, your best bet is a layered approach to security. Here are some of the concepts for layered or defense in depth that Kaseya has identified as part of a leading-edge security strategy:

  • Full 360O visibility. You can’t manage what you can’t see. You need a solution that easily and continually discovers all devices on your network and your customers’ networks, including servers, laptops, kiosks, mobile devices, scanners and peripherals. It also needs to constantly collect real-time status on all operating details for these devices to keep systems up to date.
  • Consistent antivirus and anti-malware (AV/AM). Once all devices are visible, you must ensure they are protected with AV/AM software. Installing is just the beginning ― you need to update systems to ensure they are always running the latest versions. So get a solution that makes this easy and automatic.
  • Keeping patches current. All devices need to be up-to-date on Microsoft and other third-party patches. Patches and updates can be tested centrally then pushed out to all machines or select groups once they are proven safe. Again, with the right type of automation, you can be confident that all patch updates are successful ― and that you’ll get an alert if they aren’t.
  • Policy-based configurations. Look for solutions that enable multiple sets of policies to be applied automatically based on any set of groupings you want ― by customer, device type, user role, or even location type ― that can check that each device is in compliance with its assigned policies. This way, you can standardize and update all infrastructure under your care with confidence. Of course, doing this successfully depends on powerful and flexible automation to keep up with multiple policies and update many devices by simply changing a policy once.
  • Complete Identity and Access Management (IAM). You already know you can’t use vendor-supplied defaults for system passwords.  IAM takes this further by including multi-factor authentication (MFA), which is also a PCI DSS requirement. IAM also includes centralized credential management, policy-based rules, and Single Sign-On for end users (including partners ― remember how Target was breached!) to keep internal systems and customer systems protected.
  • Real-time tracking alerts. If a device, laptop or even server idea leaves a customer’s building, you should know instantly where it is once it’s back online.
  • Securing/destroying data. Once you know a device has gone out of corporate control, you need to be able to ensure the data on the system is not accessible to malicious players. You need the ability to remotely disable the device, encrypt the data, or even destroy the OS on that device.

If you’re interested in learning how Kaseya VSA and Kaseya AuthAnvil can enable you to implement an inclusive layered security approach, download our Automation Cheat Sheet: IT Compliance, Audits, and Security.

Posted by Doug Barney
Doug Barney was the founding editor of Redmond Magazine, Redmond Channel Partner, Redmond Developer News and Virtualization Review. Doug also served as Executive Editor of Network World, Editor in Chief of AmigaWorld, and Editor in Chief of Network Computing.
VSA ROI Calculator

Realizing the Value of Unified IT Management – Calculate the Cost Savings

For years, Kaseya has helped small and midsize enterprises manage their IT infrastructure more efficiently. But, the IT landscape keepsRead More

IT Skills Gap

5 Steps to Sealing the IT Skills Gap

Industries worldwide are facing the heat of a growing skills gap, given the need for rapidly evolving skill sets andRead More

Onboarding employees

The Importance of Onboarding: Getting Started on the Right Foot

Have you ever come home to a sticky note on the fridge telling you what’s for dinner and where preciselyRead More

4 Things an MSP Should Keep in Mind to When Positioning Itself for Growth

4 Things an MSP Should Keep in Mind to When Positioning Itself for Growth

The MSP market is experiencing rapid growth, but that expansion isn’t being experienced equally by every player. Some are seeingRead More