Four ways to reinforce your SME against cyber threats
Sneha Paul, product consultant at ManageEngine
Despite its name, the small and medium-sized enterprise (SME) sector is colossal in terms of size and revenue, says Sneha Paul, product consultant at ManageEngine.
Defined as a business having fewer than 500 employees and either an annual turnover under £87 million (€98.35 million) or a balance sheet under £75 million (€84.78 million), SMEs in the UK account for 47% of the private sector’s total annual turnover at £1.8 trillion (€2.03 trillion). Additionally, SMEs employ 15.7 million people, which is 63% of all private sector jobs.
Given the critical role SMEs play in the UK’s economy, the scale and breadth of business is inconsequential to cyber criminals. Your organisation need not be a corporate goliath in order to be breached.
Safeguarding and defending against cyber threats and attacks is imperative for every SME. A study by RSA says that SMEs in the UK are afflicted by a whopping seven million cyber-crimes every year with an average cost of £3,000 (€3391.34) per incident. A cyber security breach can therefore spiral your budget out of control. With this in mind, here are four ways to reinforce your SME against cyber threats.
- Audit and analyse your machine-generated log data
Log data is heterogeneous. It can come from varied sources such as network devices, Windows servers and workstations, databases, IP packets, applications, and firewalls. While log caches are indispensable when it comes to troubleshooting an attack, careful log analysis is even more critical because it can help prevent attacks in the first place. This is where log monitoring and SIEM (security information and event management) solutions come to the rescue!
Log monitoring software automates the process of auditing large amounts of data. It provides telltale signs of potential security gaps from a central console. Generating compliance reports for SOX, GLBA, PCI DSS, HIPAA, FISMA, etc. is also a lot easier using predefined or canned templates.
Furthermore, you can strengthen your threat intelligence by including open source feeds to identify globally blacklisted IPs. This is accomplished using real-time reporting systems that send alerts via text or email whenever a dubious IP is detected. Employing a solution to analyse log data is a great starting point to keep security vulnerabilities at bay.
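As an added illustration (not part of the original article and not any vendor's code), the following Python example matches addresses found in log lines from several sources against a blocklist feed, which is the check an alerting rule would run. The feed format (one IP or CIDR per line with `#` comments), the log lines, and the function names are constructed assumptions.

```python
import ipaddress
import re

# Constructed feed: one IP or CIDR per line, '#' starts a comment.
# All addresses are from documentation ranges.
FEED = """\
# constructed sample feed
203.0.113.0/28
198.51.100.77   # single host
not-an-ip
"""

# Constructed log lines from a firewall, sshd and a web server.
LOGS = [
    "2024-05-01T10:00:01Z fw01 DENY TCP src=203.0.113.5 dst=10.0.0.12 dport=3389",
    "May  1 10:00:07 web01 sshd[811]: Failed password for root from 198.51.100.77 port 50122 ssh2",
    '192.0.2.44 - - [01/May/2024:10:00:09 +0000] "GET /login HTTP/1.1" 200 512',
    "2024-05-01T10:00:11Z fw01 ALLOW TCP src=10.0.0.12 dst=203.0.113.200 dport=443",
]

# Four dotted groups not embedded in a longer dotted number.
IPV4 = re.compile(r"(?<![\d.])(?:\d{1,3}\.){3}\d{1,3}(?![\d.])")


def load_feed(text):
    """Parse feed text into a list of networks, skipping malformed entries."""
    nets = []
    for line in text.splitlines():
        entry = line.split("#", 1)[0].strip()
        if not entry:
            continue
        try:
            nets.append(ipaddress.ip_network(entry, strict=False))
        except ValueError:
            continue  # a bad feed line must not stop monitoring
    return nets


def find_hits(lines, nets):
    """Return (line_number, ip, matching_feed_entry) for each blocklisted address."""
    hits = []
    for n, line in enumerate(lines, 1):
        for tok in IPV4.findall(line):
            try:
                ip = ipaddress.ip_address(tok)
            except ValueError:
                continue  # looked like an IP but is not one, e.g. 999.1.1.1
            match = next((net for net in nets if ip in net), None)
            if match is not None:
                hits.append((n, str(ip), str(match)))
    return hits
```

Each tuple returned by `find_hits` carries enough context (line, address, feed entry) to populate an email or text alert.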
- Alleviate insider threats with Active Directory management
Internal threats loom as a big risk to corporate IT resources, with reports showing the percentage of insider attacks for some business verticals as high as 71%. Organisations have recognised that insider attacks (whether willful or unintentional) involve internal stakeholders who have sanctioned rights and access to an SME’s IT assets such as their data, network, or systems. So, how do SMEs authenticate users and block their risky activities before any breaches occur? The answer is Active Directory management.
With Active Directory management, you can set password policies and assign customised user access based on multiple benchmarks including user groups, devices, IP ranges, or session types (e.g. IIS or VPN). This automatically restricts access to organisations’ IT assets or user sessions that do not meet company compliance policies.
Additionally, file or folder changes in a file server and Exchange traffic data (such as email traffic, permissions, or shares) can be monitored in real time. Email or text notifications about unusual activity, user-generated reports, and customised reports to meet compliance requirements all help you stay at the top of your game.
- Accomplish proactive surveillance with intuitive software updates
Most successful cyber-attacks exploit security gaps which can be averted using standard practices such as vulnerability assessment and patching. As a recent example, WannaCry ransomware utilised a Windows exploit called EternalBlue. While Microsoft had released a patch for the vulnerability before the attack even began, many users and organisations failed to update their systems on time and were therefore susceptible to the attack.
Endpoint management solutions automate the task of tracking all your hardware devices, such as desktops, laptops, mobile devices, and servers, from a single interface. With an endpoint management solution in place, administrators can streamline routine device management tasks, such as vulnerability scanning, installing patches, managing software licenses, and controlling remote devices, to keep their assets up-to-date.
Likewise, software deployments, user administration, and service pack installation for OSs or third-party applications can be performed in bulk, thereby eliminating fatigue and human error. As hackers evolve their techniques, businesses need to stay abreast. Intuitive endpoint management helps you attain just that, and more!
- Protect externally-hosted services with cloud security
The adoption of cloud technology is increasing among SMEs in the UK. With 68% of businesses leveraging on-demand applications and web services, SMEs are exposed to cyber security risks now more than ever. Businesses should therefore look at user, data, and application security that optimises their computing experience while in the cloud.
A cloud security tool records and analyses activities transpiring on public cloud platforms like Amazon Web Services and Microsoft Azure. These kinds of solutions monitor cloud transactions and log activities such as identity and access management (IAM), auto scaling, and user logins. Events in Amazon EC2, elastic IP addresses, network security groups, application gateways, DNS zones, databases, storage accounts, virtual machines, and more are also recorded.
After data collection, auto-generated reports can be scheduled to provide an overview of the cloud platform’s security status. Best of all, if there is a threat or an abnormal trend, auto alerts via email or text can help administrators promptly mitigate the risk.
Stay agile, stay safe
The only way to avert a disaster is by establishing a preventive mechanism. The above points highlight the methods by which you can fortify your SME against internal and external threats. The good news is that securing your SME doesn’t have to break your budget; there are plenty of cost-effective IT management tools out there, and some are even free! Security has a tangible correlation to an enterprise’s brand equity, so keeping it afloat should be your immediate plan of action.
The author of this blog is Sneha Paul, product consultant at ManageEngine, a division of Zoho Corporation
About the author:
Sneha Paul is a product consultant at ManageEngine, a division of Zoho Corporation, where she actively follows the IT management industry and helps organisations address the challenges they face in managing their IT. For more information on ManageEngine, the real-time IT management company, please visit www.manageengine.co.uk; or follow the company blog at https://blogs.manageengine.com.