Today's Top 10 Security Risks for SMBs
There was more data leaked in the first half of 2017 than in all of 2016 combined. The past few months alone have seen the recent KRACK Wi-Fi vulnerability, malware hidden in Windows cleanup tool CCleaner, and of course the Equifax breach that put the sensitive information of essentially every adult in the U.S. at risk of illicit sale and identity theft. When it comes to securing your network, software, and data from potential attackers, small to midsize businesses (SMBs) have a lot to worry about.
Security for increasingly mobile and online-focused businesses is a multifaceted beast to wrangle, and doubly so for SMBs that lack the dedicated security staff expertise a larger enterprise can afford. Yet, SMBs also can't let a lack of resources paralyze their technology initiatives or they risk losing out to the competition. While it might be daunting to navigate the security landscape without an in-house expert, IT admins tasked with protecting their SMB can get the job done by paying particular attention to securing endpoints, encrypting file transfers, and managing employee devices and permissions. Though, when faced with the prospect of stymieing an ever-evolving array of attacks and malware, business security is like a Rubik's Cube that keeps adding sides.
For SMBs, security risks exist both inside and outside the firewall. The burden falls on both IT managers and business users to avoid compromising security practices, and to remain wary of and proactive about common external threats. The following are 10 of the most pressing security risks SMBs face today, and the steps you can take to best mitigate them.
1. The Pitfalls of BYODMobile device management (MDM) is difficult enough when overseeing data access and permissions on company hardware. But when employees start bringing in personal smartphones and tablets under a bring-your-own-device (BYOD) policy, admin oversight grows exponentially more convoluted. Android and iOS devices now almost all include enterprise mobility management (EMM) capabilities around app installation, configuration, and permissions. But employees and managers should still remain just as vigilant with proper security practices to accommodate for the element of unpredictable risks mobile devices bring with them. These risks can including anything from a stray device compromising a company's virtual private network (VPN) to a simply scenario in which an employee leaves their unlocked iPhone in a taxi.
The most efficient way of wrangling employee devices is to use a centralized security console to manage BYOD policies of Android and iOS devices in one place. These tools also include remote-locking and location mechanisms to prevent data compromise on lost or stolen devices. Beyond the security solution, though, your SMB's BYOD policy should be clear and comprehensive. That is, employees should know what types of data they should and shouldn't store on mobile devices, be required to set up two-factor authentication (or biometric authentication) if the hardware supports it, and set the bar high when it comes to using complex passwords.
2. Voice Recognition ExploitsSiri, Cortana, Alexa, Google Now, and the cadre of other virtual assistants are ingrained in how users interact with mobile devices today. Addressing business concerns over BYOD, security researchers have discovered a way for hackers to remotely control an iOS or Android device through its voice recognition services without saying a word. If an iPhone or Android phone has Siri or Google Now enabled, hackers can use electromagnetic radio waves to trigger voice commands using a technique called remote voice command injection. For SMBs, it's another attack vector through which organizational data can be compromised regardless of whether or not a work or personal profile is loaded on the device.
The good news is that a comprehensive MDM solution will notice if the remote command triggers any sensitive data downloads and, with a quick verification ping to the device to determine whether or not the user is authorized, the IT admin can lock the device down.
3. Cloud-Connected IncursionsWe're past the point where cloud platforms are too new or not yet established enough for SMBs to invest in them. It's nearly impossible for an Internet-dependent SMB to survive today without a reliable cloud platform for customers to access from wherever they are and on whatever device they're using—be it a managed private cloud deployment or a public cloud platform such as Amazon Web Service s (AWS) or Microsoft Azure). That said, cloud-based, brute-force, and distributed denial-of-service (DDoS) attacks are a significant and pervasive threat that can result in countless, high-profile data breaches. Even AWS isn't immune; the cloud platform suffered a major outage back in March due to a typo.
The most integral form of protection is end-to-end encryption. There is no surefire level of encryption but Advanced Encryption Standard (AES) 256 is a generally accepted standard. Even if your business data is housed within a secure virtualized environment such as AWS, don't rely on the public cloud provider alone. A physical and virtual endpoint security solution that layers an additional level of encryption (while scanning for zero-day threats and other attacks) is a worthwhile security investment to hedge your cloud bet.
4. Endpoint Shooting GalleryWhile more and more business assets and sensitive data are now hosted in public, private, and hybrid clouds, don't sleep on protecting the physical endpoints at which your organization may be vulnerable. Endpoints can mean anything from on-premises workstations and servers to the corporate networks that connect physical or virtual servers to mobile and embedded devices. Through even the smallest opening, hackers and malware can target employee and customer accounting and financial information, company payroll data, or intellectual property (IP) information regarding critical projects and products core to your business success. To shore up those endpoints, there are a number of worthy software-as-a-service (SaaS) endpoint security solutions available. SMBs should look for a service that can protect all relevant physical machines and operating systems (OSes) across, Linux, Mac, and Windows, and one with the redundancy and scalability to eliminate single points of failure.
5. Fortify the FirewallYou know what's better than one firewall? Multiple, interlocking firewalls. Even in a more cloud-based and encryption-focused security landscape, firewalls are still an organization's most important line of defense to prevent malicious attacks. SMBs should deploy secure infrastructure with numerous levels and redundant systems, including a two-way firewall and an interconnected intrusion detection systems (IDS) to monitor their network for suspicious activity, both inside and outside the firewall.
6. All Kinds of PhishingOn average, your customers use far less careful security practices than your SMB and employees do. Therefore, it's a lot easier for hackers to infiltrate your infrastructure through your customers; more specifically, the one transaction that's always present in your relationship: payment.
Online banking and payment services are a prime target of malware and phishing campaigns, and a data breach could have ripple effects, not only for the customers and bank but for your business financials as well. Before hooking into a service, your SMB should vet each third-party banking and payments service, but it can't be responsible for monitoring every single one.
We've also seen sophisticated phishing scams hit Gmail and Google Docs this year, so don't assume that the apps your business uses every day don't present a degree of danger if you're not careful what you click. Be aware of spear-phishing attacks as well, in which customer support emails ask you to change credentials or are sent via fake email addresses to businesses asking for highly personal customer or employee data. The security service you choose should include a global threat intelligence network that uses continuous process monitoring and automated malware detection to mitigate and control any breaches that spill over into your system.
7. Intruder QuarantineIf a particularly enterprising attacker does manage to get past your SMB's firewalls and through your advanced endpoint encryption, the most effective course of action is to triage the compromised files and cut off their air supply. Your business security solution should be well-stocked with local and remote quarantine management for both on-premises servers and cloud storage. If an IT security manager is ready with his or her finger on the big red button, you can easily jettison the breached compartments on your SMB train and continue chugging along.
8. PUAs for AllPotentially Unwanted Applications (PUAs), also known as Potentially Unwanted Programs (PUPs) or adware, are a particularly nefarious form of malicious file, and they're no longer confined to just PCs. PUAs (and malware in general) are on a steady rise in Macs, so SMBs running entirely on Apple products aren't immune from the malicious third-party downloads on which adware thrives.
While PUAs aren't as critical a security vulnerability as other types of malware, the ad pop-ups divert attention away from the user flow your site intended and, in bulk, that can impact revenue. PUAs are also a nuisance to get rid of, and can take several tries using free adware removal tools or Mac and PC troubleshooting steps to finally eviscerate. To save your SMB the trouble, the security solution your SMB deploys should include PUA detection and remediation tools as part of its malware detection suite. PUAs are the bedbugs of malware so be sure to invest in a high-quality mattress protector.
9. A Crypto Ransomware Hostage CrisisCrypto ransomware has been ravaging Android users for some time. The ransomware locks devices with randomly generated encryption keys, and extorts the users for larger and larger sums. Crypto ransomware is growing more pervasive in complexity and sheer maliciousness, but the bigger problem is that newer strains have begun targeting SMBs. WannaCry attacked hundreds of thousands of PCs earlier this year, and Petya spread to 65 countries this summer. New ransomware strains emerge every day.
Crypto ransomware is extremely difficult to remove once a system is compromised, but SMBs can install so-called "vaccines"that act as an extra software layer of protection that works in tandem with existing security infrastructure to "immunize" systems against particular types of encrypted file attacks. Looking into comprehensive ransomware protection software and know how to protect and recover should your business ever be targeted or infiltrated by ransomware.
10. The Internet of VulnerabilitiesThe potential of the Internet of Things (IoT) is about far more than connecting all of the appliances in a consumer's kitchen or living room to their smartphones or IoT-connected thermostat. For SMBs, the IoT represents a massive network of connected office and industrial machines, embedded devices, and connected hardware and software around business operations (such as manufacturing, shipping, and warehouse management). The biggest catch with IoT—and the one giving SMBs pause—is its significantly increased vulnerability to cyberattacks.
The IoT will be a part of your SMB going forward, but deploying this sort of connected device and machine network shouldn't be done without a holistic IoT security service in place to make sure your IoT network is business-ready. Every aspect of traditional infrastructure security—from firewalls and encryption to antimalware detectors and centralized management—should be in place and operational before an IoT network ever goes live. The IoT introduces countless more endpoints for an SMB to keep secure and make sure each is encrypted and monitored.
This article originally appeared on PCMag.com.