Four ways to reinforce your SME against cyber threats
Sneha Paul, product consultantat ManageEngine
Despite its name, the small and medium-sized enterprise (SME) sector is colossal in terms of size and revenue, says Sneha Paul, product consultant at ManageEngine.
Defined as a business having fewer than 500 employees and either an annual turnover under £87 million(€98.35 million) or a balance sheet under £75 million(€84.78 million), SMEs in the UK account for 47% of the private sector’s total annual turnover at £1.8 trillion(€2.03 trillion). Additionally, SMEs employ 15.7 million people, which is 63% of all private sector jobs.
Given the critical role SMEs play in the UK’s economy, the scale and breadth of business is inconsequential to cyber criminals. Your organisation need not be a corporate goliath in order to be breached.
Safeguarding and defending against cyber threats and attacks is imperative for every SME. A study by RSA says that SMEs in the UK are afflicted by a whopping seven million cyber-crimes every year with an average cost of £3,000 (€3391.34) per incident. A cyber security breach can therefore spiral your budget out of control. Keeping this in purview, here are four ways to reinforce your SME against cyber threats.
- Audit and analyse your machine-generated log data
Log data is heterogeneous. It can come from varied sources such as network devices, Windows servers and workstations, databases, IP packets, applications, and firewalls. While log caches are indispensable when it comes to troubleshooting an attack, careful log analysis is even more critical because it can help prevent attacks in the first place. Here come log monitoring and SIEM (security information and event management) solutions to the rescue!
Log monitoring software automates the process of auditing large amounts of data. It provides telltale signs of potential security gaps from a central console. Generating compliance reports for SOX, GLBA, PCI DSS, HIPAA, FISMA, etc. is also a lot easier using predefined or canned templates.
Furthermore, you can strengthen your threat intelligence and include open source feeds to identify the global blacklist of IPs. This is accomplished using real-time reporting systems that send alerts via text or email whenever a dubious IP is detected. Employing a solution to analyse log data is a great starting point to keep security vulnerabilities at bay.
- Alleviate insider threats with Active Directory management
Internal threats loom as a big risk to corporate IT resources, with reports showing the percentage of insider attacks for some business verticals as high as 71%. Organisations have recognised that insider attacks (whether willful or unintentional) involve internal stakeholders who have sanctioned rights and access to an SME’s IT assets such as their data, network, or systems. So, how do SMEs authenticate users and block their risky activities before any breaches occur? The answer is Active Directory management.
With Active Directory management, you can set password policies and assign customised user access based on multiple benchmarks including user groups, devices, IP ranges, or session types (e.g. IIS or VPN). This automatically restricts access to organisations’ IT assets or user sessions that do not meet company compliance policies.
Additionally, file or folder changes in a file server and Exchange traffic data (such as email traffic, permissions, or shares) can be monitored in real time. Email or text notifications about unusual activity, user-generated reports, and customised reports to meet compliance requirements all help you stay at the top of your game.
- Accomplish proactive surveillance with intuitive software updates
Most successful cyber–attacks exploit security gaps which can be averted using standard practices such as vulnerability assessment and patching. As a recent example, WannaCry ransomware utilised a Windows exploit called EternalBlue. While Microsoft had released a patch for the vulnerability before the attack even began, many users and organisations failed to update their systems on time and were therefore susceptible to the attack.
Endpoint management solutions automate the task of tracking all your hardware devices, such as desktops, laptops, mobile devices, and servers, from a single interface. With an endpoint management solution in place, administrators can streamline routine device management tasks, such as vulnerability scanning, installing patches, managing software licenses, and controlling remote devices, to keep their assets up-to-date.
Likewise, software deployments, user administrations, and service pack installation for OSs or third-party applications can be performed in bulk, thereby eliminating fatigue and human error. As hackers evolve their techniques, businesses need to stay abreast. Intuitive endpoint management helps you attain just that, and more!
- Protect externally-hosted services with cloud security
The adoption of cloud technology is increasing among SMEs in the UK. With 68% of businesses leveraging on-demand applications and web services, SMEs are exposed to cyber security risks now more than ever. Businesses should therefore look at user, data, and application security that optimises their computing experience while in the cloud.
A cloud security tool records and analyses activities transpiring on public cloud platforms like Amazon Web Services and Microsoft Azure. These kinds of solutions monitor cloud transactions and log activities such as identity and access management (IAM), auto scaling, and user logins. Events in Amazon EC2, elastic IP addresses, network security groups, application gateways, DNS zones, databases, storage accounts, virtual machines, and more are also recorded.
After data collection, auto-generated reports can be scheduled to provide an overview of the cloud platform’s security status. Best of all, if there is a threat or an abnormal trend, auto alerts via email or text can help administrators promptly mitigate the risk.
Stay agile, stay safe
The only way to avert a disaster is by establishing a preventive mechanism. The above points highlight the methods by which you can fortify your SME against internal and external threats. The good news is that securing your SME doesn’t have to break your budget; there are plenty of cost-effective IT management tools out there, and some are even free! Security has a tangible correlation to an enterprise’s brand equity, so keeping it afloat should be your immediate plan of action.
The author of this blog is Sneha Paul, product consultant at ManageEngine, a division of Zoho Corporation
About the author:
Sneha Paul is a product consultant at ManageEngine, a division of Zoho Corporation, where she actively follows the IT management industry and helps organisations address the challenges they face in managing their IT. For more information on ManageEngine, the real-time IT management company, please visit www.manageengine.co.uk; or follow the company blog at https://blogs.manageengine.com.
Comment on this article below or via Twitter @IoTGN