Protecting your small to midsize business (SMB) from cyberattacks isn't as easy as implementing antivirus software. Attackers have become more aggressive, creative, and diabolical in recent years. More than ever, you'll want to invest in a layered approach to business security. How many layers you choose, how much you spend, and which aspects of your business you choose to defend are entirely up to you. However, we've put together this comprehensive list of options that you can use in some combination to keep intruders at bay.
Before we explore the tools and protocols required to keep you safe, it's important that SMBs keep two things in mind:

1) It's not just your data that attackers are interested in accessing. They might be trying to access your network in order to pilfer data from your much larger, much more powerful clients. Getting hacked, divulging information from a Fortune 500 client, and then being sued by that client could potentially sink your company.

2) You shouldn't feel secure having survived one minor attack. Once you prove yourself a viable target, hackers will continue to look for ways to exploit you.
"SMBs need to stop thinking they're the target," said Liviu Arsene, Senior E-Threat Analyst at Bitdefender. "More than anything, SMBs need to be concerned about their clients. The SMBs might not be the end of where the attackers are going to go. Also, stop thinking you won't be attacked again. The usual cybercriminal thinks, If I did something and it worked, why won't I try it again?"
With these two concerns in mind, take advantage of the following tools and protocols designed to defend your company from even the most ingenious and vicious cyberattack.
1. Web Application Firewalls

The first and most important layer you should consider is a web application firewall (WAF). One of the more basic security protocols, WAFs are designed to restrict common exploits from affecting your apps. With a WAF enabled, you'll be able to control the web portal and web app traffic that reaches your apps, and you'll block common attack entry points and patterns. You'll also be able to automate these processes for future attacks so that you can dedicate personnel to more pressing concerns.
"If SMBs are running databases and updates, there will be vulnerabilities with those systems that need to be patched," said Arsene. "But, if you can't update your database for whatever reason, you could install a WAF that prevents attackers from exploiting vulnerabilities in the not-updated version of your database."
2. SPAM Training and Anti-SPAM Software

SMBs that don't have much budget to dedicate to security can easily and inexpensively protect themselves against one of the newer and more common attacks. Business Email Compromise (BEC) attacks target companies with scam messages that extract information from unknowing recipients.
An excellent example of a BEC attack is a fraudulent email sent from someone pretending to be the company's CEO to the company's human resources (HR) department. Without realizing that he or she is being scammed, an HR manager willingly sends personal employee data to the scammers. From 2013 to 2015, more than 7,000 of these attacks occurred, totaling losses of nearly $750 million, according to FBI data.
Fortunately, you can train your employees to look for these emails or any other kind of SPAM attack so that they can alert IT if they receive something that looks suspicious. "SMBs usually have no security budget or a low security budget," said Arsene. "My recommendation would be to start training your employees with SPAM, fraudulent emails, suspicious attachments, and so on."
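The CEO-to-HR impersonation described above leaves two header-level signs that a mail filter or a trained employee can check. The following is an added example, not part of the original article; the company domain, the executive name, and both sample messages are constructed assumptions.

```python
from email import message_from_string
from email.utils import parseaddr

COMPANY_DOMAIN = "example.com"   # assumption: your real mail domain
EXECUTIVES = {"jane doe"}        # assumption: display names worth protecting

# Constructed sample messages (not real mail).
SPOOFED = (
    "From: Jane Doe <jane.doe@examp1e-mail.test>\n"
    "Reply-To: payroll@other.test\n"
    "To: hr@example.com\n"
    "Subject: Employee records needed today\n\n"
    "Send me the staff records before noon.\n"
)
LEGIT = (
    "From: Jane Doe <jane.doe@example.com>\n"
    "To: hr@example.com\n"
    "Subject: Q3 planning\n\n"
    "Agenda attached.\n"
)

def domain_of(header_value):
    """Return the lowercase domain of an address header, or '' if absent."""
    _, addr = parseaddr(header_value or "")
    return addr.rpartition("@")[2].lower() if "@" in addr else ""

def bec_flags(raw_message):
    """Return the reasons a message looks like executive impersonation."""
    msg = message_from_string(raw_message)
    display_name, _ = parseaddr(msg.get("From", ""))
    from_domain = domain_of(msg.get("From"))
    reply_domain = domain_of(msg.get("Reply-To"))
    flags = []
    # An executive's name on an address outside the company domain.
    if display_name.strip().lower() in EXECUTIVES and from_domain != COMPANY_DOMAIN:
        flags.append("executive display name from external domain")
    # Replies silently routed to a different domain than the sender's.
    if reply_domain and reply_domain != from_domain:
        flags.append("Reply-To domain differs from From domain")
    return flags

if __name__ == "__main__":
    for label, raw in (("spoofed", SPOOFED), ("legit", LEGIT)):
        print(label, bec_flags(raw))
```

These checks catch display-name spoofing only; a message sent from a compromised internal mailbox passes both, which is why the employee training above still matters.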
3. Keep Software Up-to-Date

Most of the apps that you install require constant patching in order to ensure that the security layers are up to date to defend against the latest exploits. Your web browser and your desktop, database, and server operating systems (OSes) are prime examples of software that hackers will look to exploit. Make sure that you always run updates when prompted by the software vendor. If possible, automate these updates, but first make sure that automatic changes don't harm other aspects of your business.
4. Endpoint Protection Software

By implementing a Software-as-a-Service (SaaS) endpoint protection solution, you'll be able to diagnose the status of the computers, mobile devices, and apps that attempt to connect to your network. Unlike antivirus programs, which monitor individual devices and programs, endpoint protection tools determine if your entire company's OSes, web browsers, and apps are using the latest security protocols. They also ensure that your WAF is constantly kept up to date.
5. Next-Generation Firewalls

Unlike WAFs, which protect your web portals and web apps from incoming traffic, next-generation firewalls (NGFs) monitor and flag outgoing and internal suspicious traffic. Which apps are your employees using? How much bandwidth is being used by a particular department or specific app? If either of these scenarios is creating an anomaly within your system, then the NGF will alert your IT team; they'll then be able to inspect the issue to determine if an attack is occurring.
6. Backup and Recovery

You won't be able to prevent every attack and, just in case you suffer a total meltdown, you should have a Disaster Recovery-as-a-Service (DRaaS) tool installed on your network. With a DR app running, you'll be able to continually back up critical systems and data, get up and running again after a disaster occurs, and reload certain apps and systems (rather than attempting to restart the entire network).
7. Mobile Device Management

If you're willing to allow your employees to choose their own laptops, tablets, and smartphones, then you should protect these devices in a manner similar to your own internal hardware. Mobile Device Management (MDM) tools allow you to remotely locate, lock, and wipe devices whether they're lost, stolen, or behaving suspiciously.
Some of the best tools available even give you the option to remove Wi-Fi passwords, configuration settings, and documents. They also control how users access and store data on the device. Do you want your employees to use a fingerprint to open the device instead of using a passcode? Do you want their personal data stored separately from corporate data? A solid MDM solution will help make this happen.
8. The Honeypot Trap

Want to set a mousetrap for intruders? Honeypots are servers or computers loaded with phony data that are designed to attract the attention of hackers. They are typically less secure than the other systems in your network so that, when an attacker is looking for an access point, he or she will head to the honeypot first.
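A minimal low-interaction decoy of the kind described above, as an added example that is not part of the original article: it accepts a TCP connection, records the source address and the first bytes sent, and closes. The function names, the record fields, and the loopback bind used for the demo are assumptions of this sketch.

```python
import socket
import socketserver
import threading
from datetime import datetime, timezone

class DecoyHandler(socketserver.BaseRequestHandler):
    """Record who connected and what they sent first, then hang up."""
    def handle(self):
        self.request.settimeout(2.0)
        try:
            data = self.request.recv(1024)
        except OSError:          # includes socket.timeout
            data = b""
        self.server.records.append({
            "time": datetime.now(timezone.utc).isoformat(),
            "source_ip": self.client_address[0],
            "first_bytes": data,  # raw request, kept for IT to inspect
        })

def start_decoy(host="127.0.0.1", port=0):
    """Start the decoy in a background thread; port 0 picks a free port."""
    server = socketserver.ThreadingTCPServer((host, port), DecoyHandler)
    server.daemon_threads = True
    server.records = []          # a real deployment would ship these to a log store
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server

def blocklist_candidates(records):
    """Source IPs that touched the decoy; no legitimate user has a reason to."""
    return sorted({r["source_ip"] for r in records})

if __name__ == "__main__":
    import time
    srv = start_decoy()
    # Constructed probe standing in for an intruder's first request.
    with socket.create_connection(srv.server_address, timeout=2) as conn:
        conn.sendall(b"GET /admin HTTP/1.0\r\n\r\n")
    time.sleep(0.5)
    print(srv.records, blocklist_candidates(srv.records))
    srv.shutdown()
    srv.server_close()
```

Because nothing legitimate should ever connect to the decoy, every record is worth an alert, and the captured bytes show which request or path was being probed.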
"It's a dummy computer you set up that lures hackers into your network," said Arsene. "It mimics a really poor, unsecured endpoint. Then IT can blacklist the payload or the URL, or they can find the vulnerability the attacker used."
With all of these protocols established (or at least with some combination of these protocols), your company should be able to withstand most of the current attacks that are impacting small businesses. However, it's important that you continue to monitor the new attacks that are affecting other companies so that you can stay ahead of the curve.