Why SMBs and MMEs Can’t Rely on the Perimeter, but Need Layered Security

stack of padlocks

In a recent eBook, Best Practices To Protect Your Company’s Data and Infrastructure Through Layered Security, Kaseya and Kaspersky Lab detailed what SMB and MME IT shops can do to truly protect themselves.

The basics offer frontline protection. Firewalls, antivirus, anti-malware, and password policies are a great start. The bad news is that the bad guys have been either cracking or bypassing these defenses for years. It’s old hat.

Two intertwined concepts have taken hold to deepen those defenses. One is layered security; the other, which is often used to mean the same basic thing, is defense in depth.

Fortunately, Kaseya and Kaspersky Lab are partners in supporting both definitions of deep security. In fact, Kaseya VSA, an end-point management solution, is deeply integrated with Kaspersky’s antivirus software.

To help IT pros understand the issue more deeply, Kaspersky Lab crafted the eBook, “Cybercriminals: Unmasking the Villain.” Kaspersky regularly surveys customers and tracks not just viruses, but also how hackers create and exploit vulnerabilities. One dramatic but not altogether shocking revelation is that SMBs are a frequent hacker target, partly because the criminals know that SMB defenses aren’t as fierce as those of their enterprise brethren.

Some of the key Kaspersky findings:

  • 31 percent of all cyber-attacks are directed at businesses with fewer than 250 employees.
  • 42 percent of confidential data loss is caused by employees — often well-meaning employees opening unauthorized email attachments, forwarding sensitive information or storing data insecurely.
  • Hacking a small business to get into a larger business is now standard operating procedure for cybercriminals.

The lesson here is that SMBs need state-of-the-art security practices, and one route to these is through managed security services.

Whether you contract with a managed security services provider, or do it on your own, your best bet is a layered approach to security. Here are some of the concepts for layered or defense in depth that Kaseya has identified as part of a leading-edge security strategy:

  • Full 360O visibility. You can’t manage what you can’t see. You need a solution that easily and continually discovers all devices on your network and your customers’ networks, including servers, laptops, kiosks, mobile devices, scanners and peripherals. It also needs to constantly collect real-time status on all operating details for these devices to keep systems up to date.
  • Consistent antivirus and anti-malware (AV/AM). Once all devices are visible, you must ensure they are protected with AV/AM software. Installing is just the beginning ― you need to update systems to ensure they are always running the latest versions. So get a solution that makes this easy and automatic.
  • Keeping patches current. All devices need to be up-to-date on Microsoft and other third-party patches. Patches and updates can be tested centrally then pushed out to all machines or select groups once they are proven safe. Again, with the right type of automation, you can be confident that all patch updates are successful ― and that you’ll get an alert if they aren’t.
  • Policy-based configurations. Look for solutions that enable multiple sets of policies to be applied automatically based on any set of groupings you want ― by customer, device type, user role, or even location type ― that can check that each device is in compliance with its assigned policies. This way, you can standardize and update all infrastructure under your care with confidence. Of course, doing this successfully depends on powerful and flexible automation to keep up with multiple policies and update many devices by simply changing a policy once.
  • Complete Identity and Access Management (IAM). You already know you can’t use vendor-supplied defaults for system passwords.  IAM takes this further by including multi-factor authentication (MFA), which is also a PCI DSS requirement. IAM also includes centralized credential management, policy-based rules, and Single Sign-On for end users (including partners ― remember how Target was breached!) to keep internal systems and customer systems protected.
  • Real-time tracking alerts. If a device, laptop or even server idea leaves a customer’s building, you should know instantly where it is once it’s back online.
  • Securing/destroying data. Once you know a device has gone out of corporate control, you need to be able to ensure the data on the system is not accessible to malicious players. You need the ability to remotely disable the device, encrypt the data, or even destroy the OS on that device.

If you’re interested in learning how Kaseya VSA and Kaseya AuthAnvil can enable you to implement an inclusive layered security approach, download our Automation Cheat Sheet: IT Compliance, Audits, and Security.

Posted by Doug Barney
Doug Barney was the founding editor of Redmond Magazine, Redmond Channel Partner, Redmond Developer News and Virtualization Review. Doug also served as Executive Editor of Network World, Editor in Chief of AmigaWorld, and Editor in Chief of Network Computing.
artwork of computers transfering files

How to Prepare for Windows 7 and Windows Server 2008 End of Life

Time is running out for support for Windows 7 and Windows Server 2008/R2. End of life for these operating systemsRead More

Laptop with Windows 8 on screen

It’s Time to Get Started on Windows 7 End of Life Migrations

This January, Microsoft will discontinue all support for Windows 7 and Windows Server 2008, including any type of security patches.Read More

Woman wearing 90s clothing with VHS in hand

Congratulations to the Winners of Stranger Things in IT Contest!

Congratulations to all the winners of Stranger Things in IT contest! In your fights against Demogorgons and other IT monsters,Read More

Hourglass on top of laptop keyboard

What Does End of Life for Windows 7 and Windows Server 2008 Mean for Me?

Tick tock, tick tock, tick tock. The clock is ticking. Windows 7 and Windows Server 2008/R2 are reaching their endRead More

Connect IT Asia-Pacific - Don't Miss the Premier IT Management Event of the Year - Join Us in Sydney 1-3 October 2019 - Register Now

Archives

Categories