Businesses generate data, a lot of it, and the security of that data can have significant ramifications across entire organizations. While enterprise companies have IT departments dedicated to monitoring their cybersecurity, small businesses rarely have the same luxury. Between running the business, managing employees, serving clients, and maintaining administrative duties, cybersecurity can easily be pushed aside. Data generated by the small business is no less valuable to an attacker than data generated by the larger enterprise. Yet small businesses’ lack of resources and sophistication makes their data “low-hanging fruit” for today’s attackers.
Technology has traditionally served as the foundation for data protection. Yet, as cyber threats continue to evolve, so too do the tools businesses use to prevent them. Antivirus software and differentiated passwords are an excellent start, but hardly cover the sophistication necessary to properly secure business data. Small businesses need next-generation technology to counteract a next-generation threat. Below you’ll find five easily accessible and onboarded technology solutions to start your cybersecurity efforts.
1. Firewalls or NGFWs with Intrusion Protection (IPS)
Built to monitor incoming and outgoing network traffic, firewalls decide whether to allow or block specific actions on a network, sometimes based upon advanced analysis or deep packet inspection (DPI). They’re often the first line of defense for most organizations, and rightfully so: they’re easy to adopt and implement, with little impact on daily operations. A good next-generation firewall choice should easily cut risk exposure by 50 percent, but expecting 100 percent protection from a firewall is the number-one mistake made by businesses large and small. Because firewalls and next-gen firewalls (NGFW) are so pervasive, attackers specifically build their attacks to be invisible to even the most advanced firewalls and NGFWs on the market. Thus, a multi-layer approach to protection (defense-in-depth) is still always required.
2. DNS protection
DNS (Domain Name Service) is used for every connection to the Internet, the cloud, and just about every connection to internal applications as well. The process of name resolution is universal and well known and, thankfully from a security perspective, it is one of the very first things every system does to communicate on an IP network. Being able to protect communications so early in the process, irrespective of what type of device is communicating, is very powerful and, when done correctly, can be the most important investment you will ever make to protect your data on and from a network. Good DNS protection allows the speakers in a network conversation to ensure they are not communicating with a bad actor or a network target that has been hijacked or redirected, which is one of the easiest ways to steal data and normally something a firewall will never see. Good DNS protection also defends clients from speaking to malware sites, malvertising links, and ransomware sites, all of which have an IP address that is mapped to a name, URL, or URI with DNS. Some of the top DNS protection services leverage data analytics and algorithms that even provide protection from “questionable” sites that may be using an IP address being seen for the very first time on the Internet. While firewalls may be the first line of defense for networks touching the Internet, DNS protection is the first line of defense for all network communications that interact with the small business, even those from the firewall itself.
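The three checks described above (known-bad names, redirected targets, first-seen addresses), sketched as a resolver-side policy function. This is an added example, not code from the original post or from any DNS protection product; the zones, pinned host, addresses and function names are hypothetical, constructed sample data.

```python
import ipaddress

# Constructed sample policy data (documentation-range names and addresses).
BLOCKED_ZONES = {"malware.example", "ads.badnet.test"}
PINNED = {"portal.smallbiz.example": {"203.0.113.5"}}  # expected answers
KNOWN_IPS = {"192.0.2.10", "198.51.100.7"}             # addresses seen before

def normalize(name):
    """Lower-case and drop the trailing root dot so comparisons are stable."""
    return name.strip().rstrip(".").lower()

def blocked_zone(name):
    """Return the blocked zone covering `name`, matching whole labels only.

    Walking the label suffixes means cdn.malware.example is covered by
    malware.example, while notmalware.example is not.
    """
    labels = normalize(name).split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in BLOCKED_ZONES:
            return candidate
    return None

def decide(name, answers):
    """Return (verdict, reason) for one resolution: block, flag or allow."""
    host = normalize(name)
    # Canonicalize each answer; raises ValueError on a malformed address.
    ips = {str(ipaddress.ip_address(a)) for a in answers}

    zone = blocked_zone(host)
    if zone:
        return ("block", f"name is under blocked zone {zone}")

    if host in PINNED:
        unexpected = ips - PINNED[host]
        if unexpected:
            # A pinned name answering elsewhere suggests hijack or redirection.
            return ("block", f"unexpected answer {sorted(unexpected)}")
        return ("allow", "answers match pinned set")

    first_seen = ips - KNOWN_IPS
    if first_seen:
        return ("flag", f"first-seen address {sorted(first_seen)}")
    return ("allow", "no policy match")
```
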
3. Endpoint protection
Antivirus and advanced malware protection tools, known as EDR (Endpoint Detection and Response), prevent threats at the point of entry and then continuously track every file and system process running on a business’s endpoints. VPNs can additionally be used to secure the communication channel to and from network resources. These tools work to actively uncover advanced threats like malware and ransomware, and administrators can approve which mobile devices, laptops, or desktops can access the network and from where. VPNs, in particular, encrypt a device’s data stream for added protection, meaning employees using endpoint protection (like EDR) on their mobile system can use a public Wi-Fi signal without creating an additional security risk. It is critical that the endpoint itself is secured in this case: VPNs can be a great friend, but they can also be a killer enemy if a machine connected to the small business VPN is compromised locally, suddenly providing a direct conduit to the small business’s network and data. Since the traffic is coming from a machine you “trust,” finding an attacker hiding behind this veil of protection becomes increasingly challenging. Concepts like “Zero Trust” have been created around some of these specific methods to help all customers defend their data from cybercriminals.
4. Cloud-based security
By transitioning their data to the cloud, small businesses can tap into enterprise-grade security solutions without having to onboard their own internal teams and infrastructure. Cloud-based solutions involve no hardware or software, so they can be deployed quickly and easily, normally at far less expense than hosting the system yourself. Cloud-based solutions are not immune to attack, so it is important to consider requesting the maximum protection level the cloud provider has to offer. Keep in mind that regulations such as PCI and HIPAA may sometimes cause challenges when using cloud storage, so it is always best to do your homework and make sure the storage is considered “compliant” before signing anything.
5. Email Gateway Security
Attacks such as advanced malware and ransomware are still prevalent. They continue to evolve and in a majority of cases will use email as the vector to get this malicious code into your organization. Secure email gateways remain the cornerstone of a solid cybersecurity posture and are available both as a local system and as a cloud service. The key to a good email security solution is the ability to detect and prevent access to embedded code, malicious URLs, phishing, and fraudulent emails (malicious emails that appear to be 100 percent legitimate). User training remains a critical element of safe email use. Just as a chain is only as strong as its weakest link, a business’s security posture is only as good as the training and awareness of the humans that use the business assets. It only takes one inadvertent click to bypass a security solution that may have cost millions to acquire and deploy.
Each of these solutions represents just one point in an entire ecosystem of solutions today’s small and midsized businesses can, and should, adopt to protect business data. While these tools lay a critical foundation, their effectiveness hinges on supportive teams and processes to use them properly. There’s no end-all data security solution, and every organization comes with its own considerations and challenges. Cybersecurity starts with people, not technology.
This blog post was originally written by Mike Storm for Cisco Blogs.