Jun 14, 2023
Although organizations of all sizes are targeted by cyber criminals, small and medium-sized businesses (SMBs) have lately become a preferred target. One part of the issue SMBs face is a lack of resources. They often do not have the time, money, or dedicated personnel to ensure they stay ahead of these attacks.
However, another part of the issue is perception. Most SMBs do not see themselves as being at the same level of risk as their enterprise counterparts because they believe their data is not as valuable, even though they can also serve as a foothold for attackers to gain access further up the supply chain of larger organizations.
SMBs have an advantage when it comes to the relatively small number of privileged accounts they must manage and audit. It is essential to make a routine practice of reviewing who has admin privileges and shutting down access for anyone who shouldn't have full permissions on these accounts.
Most SMBs spend a lot of time running many applications and services from the cloud, whether they're using software-as-a-service (SaaS), cloud infrastructure environments, or both. As an SMB, you must implement adequate controls and configurations and have visibility into your accounts in order to reduce the potential for account takeovers.
Take the initiative to speak to the Chief Information Officer (CIO) or head of IT operations at your company, if you have one, and identify the things you're unable to do, whether due to time or resources. That list may include risk assessments, penetration testing, forensics, a security operations center (SOC), and large-scale incident response.
A far from ideal situation for SMBs is having an 80-page incident response plan that no one reads. Make your incident response plan digestible by including only a few sections and a notification chain. As you would in a larger firm, update it regularly, even if you only do so annually.
An essential aspect of patch management is remaining on top of the next patch. Add this to your calendar as part of your weekly or monthly "maintenance" checklist. Pay close attention to notifications from vendors such as Microsoft and others to keep your systems up to date.
With a smaller number of users, it is imperative to keep track of the various logins via VPN and to enable the service only for those with a business need. As employees are hired or fired, update their access accordingly, and make this part of your setup and offboarding checklist.
Because SMBs have a smaller security and IT team, it is counterproductive to spend time performing password resets after lockouts have occurred. A bit of training will go a long way, so instruct your team on creating a long, unique passphrase that they'll remember, and establish a technical control for enforcement. In addition, set the password expiration for a longer period. If you are having trouble setting up a unique password, consider using a password manager.
As cybercrime becomes a more urgent matter, cybersecurity must follow. Take our assessment today to find out if managed security is right for your business.