Today’s Small Businesses have a number of technical challenges ahead of them. They are faced with emerging enabling technologies that are able to rapidly serve a number of business needs in an efficient manner. At the same time, those same technologies can offer so many choices that it can get quite complicated. Everything from SaaS, Cloud Services, IaaS, BYOD, Cloud Backups – and on and on. A true primer on guiding SMBs through the whole of these technologies is beyond the scope of one article. There is however a world of emerging trends in security that bear reviewing, that is if security in your growing SMB is of significant concern. These trends have roots in the enterprise and there are many lessons to be learned from their emergence.
This is important because of the threat of cyber-criminals – many focus exclusively on the technology and services that SMBs often employ. The reasoning is quite simple. Because of the modest SMB resources and natural lack of security maturity, SMBs are viewed as a target. Many such businesses do not care to have or do not have the resources to have a dedicated IT staff. Even further, smaller and more modern companies are more inclined than your typical enterprise to employ a generally mobile workforce. This means laptops, mobile devices, portable files and transmission – all of these are opportunities for cyber-criminals to commit their attacks. Many cyber-criminals take advantage of partner-relationships, that is – why go through the trouble of attacking large corporation “A” when I can just attack SMB partner “B” and gain the same information with much less effort?
It is because of these reasons that SMB’s should pay heed to emerging security trends, and enterprise partners should be prepared to walk them through these.
- BYOD and their security challenges. Get to know about encryption, mobile device management, certificate authentication, transmission encryption, and everything else that this rapidly evolving range of portable devices introduces to a business. We write about BYOD and products here at SiliconANGLE and Wikibon quite a bit, so stay tuned.
- Mobile Phones are Computers – Treat them that way. They are capable of holding massive amounts of information, information that could be critical to your business. These devices are under constant attack from malware, phishing, and under threat in the event that devices are lost or stolen. Users must be made aware to secure their business phones and not set their applications to automatically log them in to sensitive environments like banking, sales, and so on.
- The world of data breaches is getting bigger – Malicious parties are becoming bolder and tools are becoming more and more sophisticated. We write a lot about his here as well – there are cottage industries and technology recruiters in other countries that run cybercrime operations as a business and they are always looking for technologies to exploit, companies to blackmail, or corporate secrets to sell to someone else. They are able to run from legitimate cloud environments and disguise their actions well. The old perimeters of network defense no longer apply.
- Plan proactively – Outages happen, breaches happen. While we strive that neither should or will happen, it just does. Sometimes it is human error, sometimes it comes down to an infrastructure issue, sometimes of course there could be a security problem. Some may operate for months not knowing that their information has been compromised and private information has been sold or shared time and time again. If you put anything on networked computer systems in the cloud, across town, or even as just a client of a service, you have to prepare your response and awareness of what to do in an information leakage scenario.
- Know that security threats are always evolving – This means this cannot be a summer project, the knowledge, vigilance, and awareness of security should be a part of your constant operations and knowledge is power.
Technologies that are available to SMB’s are staggering to take in. The options are so varied, so granular, so flexible – yet despite this enablement, it is clear that things are just getting started and there is a lot to process from a strategic standpoint. Think back just a handful of years at some of what are now archaic solutions that were common in SMB environments. Things like broadband, a commercially viable public cloud, virtualization, VDI, smartphones and more have changed that forever, boosting agility and profits with it. For all these efforts, it is important to remain on top of security as challenges and technology continues to evolve.