Over the next several weeks, we are going to take an in-depth look at each of the 10 steps in the Small Business Administration’s simple guidelines for defending your business against cyber threats, to help you understand why each step is important to your business.
As a business owner, you are laser-focused on getting the job done for your clients. One of the last things on your mind should be the management of your IT and cybersecurity.
But small businesses are also part of an accelerating global trend to digitize business processes. This means you use more apps and more devices to connect to your customers, your supply chain and your workforce. As such, your business is even more exposed to cyber threats like malware, computer viruses, and data breaches.
SBA Resources for Defending Against Cyber Threats
The Small Business Administration’s simple guidelines for defending your business against cyber threats provide a good framework for developing a fully fledged security program. But if you’re starting from scratch, where should you begin?
The devil is in the cybersecurity details. We are firm believers that you should be following some or all of these 10 SBA-recommended tips, so we want to help you understand each of them so that you can develop a plan for which ones to address in what order.
Step 1: Protect your business from cyber threats like viruses, spyware, and other types of malware attacks.
This is usually the very first thing most of us think about when we set out to protect our business from cyber threats. Over the years, the meaning of virus protection has changed markedly. Once upon a time, it was simply installing antivirus software. But today, the sad truth is that antivirus software alone is not much better than having no protection at all.
Why is antivirus software not enough?
As antivirus software (AV) got better, so did attacker tactics and methods. A system administrator at one time could reasonably protect users with simple signature-based AV, in which the identifying characteristics of a specific virus are programmed into the AV package so that it can rapidly identify and stop that virus when it appears. But alas, there are now a growing number of “full-spectrum” cyber threats to protect against. These are cyber attacks that have no fixed signature, attacks that change and adapt, and threats that come from the carelessness or bad intentions of people inside your organization. Threats like these are more than any one product can protect against.
So today, you need to “reduce your attack surface,” making it more difficult for attacks whose signature you don’t know to get in.
How to reduce your attack surface:
- Reduce the number of different operating systems and applications running on your endpoints.
- Ensure each application has the latest patches installed.
- Identify and uninstall unnecessary software services.
Why is it so hard to protect your attack surface?
The idea here is simple. The less software running in your environment, the simpler your environment will be and the easier it is to protect. Implementation is a headache.
Every software service running on your endpoints increases your attack surface. Security-minded systems administrators are militant about not allowing unauthorized software on work devices and refuse to hand over local administration rights to non-admin users. As they should be.
But these seemingly simple tasks are often far more complex than you realize. Even a small business has dozens or hundreds of devices that need protecting, and each of these is usually running a different version of an operating system. Each system usually has basic software that everyone in the company uses to do their jobs, as well as specialized software tied to particular job roles, like customer relationship software, enterprise planning software, point of sale software, and more. What is all this software? Your attack surface.
To make things worse, each software package and each operating system has its own patch levels and known lists of vulnerabilities associated with it. What is this? Your attack surface.
Attackers look for all of these vulnerabilities to conduct their exploits. The more complex your operating environment, the more potential for hidden vulnerabilities.
Security administrators must catalog all of these devices, applications, and patch levels, and understand the business criticality of each. They have to know how each of the systems interrelates with others, and they have to do all of this while ensuring the systems are fast, available for use, and capable of being restored in case of failure.
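The three attack-surface checks listed earlier (fewer operating system and application variants, current patches, no unnecessary services), run over a small catalog of the kind described above. This is an added example, not code from the original article or from LanScope Cat; the hostnames, software names, versions and the approved baseline are all constructed assumptions.

```python
# Added example: audits a constructed endpoint inventory against an approved baseline.
from collections import Counter

# Constructed sample data: hostnames, products and versions are made up.
INVENTORY = [
    {"host": "front-desk-01", "os": "Windows 10 22H2",
     "software": {"pos-client": "4.2.0", "pdf-reader": "11.0.3"},
     "services": ["print-spooler", "remote-desktop"]},
    {"host": "office-02", "os": "Windows 11 23H2",
     "software": {"pdf-reader": "11.1.0", "crm-client": "2.9.1", "torrent-app": "1.0.0"},
     "services": ["print-spooler"]},
    {"host": "laptop-03", "os": "Windows 10 22H2",
     "software": {"crm-client": "2.10.0", "pdf-reader": "11.1.0"},
     "services": ["print-spooler", "ftp-server"]},
]
# Assumed baseline: approved software mapped to its latest patched version,
# plus the only services the business has decided it needs.
APPROVED_SOFTWARE = {"pos-client": "4.2.0", "pdf-reader": "11.1.0", "crm-client": "2.10.0"}
APPROVED_SERVICES = {"print-spooler"}


def version_key(version):
    """Turn '2.10.0' into (2, 10, 0) so that 2.10.0 compares above 2.9.1."""
    return tuple(int(part) for part in version.split("."))


def audit(inventory, approved_software, approved_services):
    """Return (os_counts, findings); each finding is (host, kind, detail)."""
    os_counts = Counter(endpoint["os"] for endpoint in inventory)
    findings = []
    for endpoint in inventory:
        host = endpoint["host"]
        for name, installed in sorted(endpoint["software"].items()):
            latest = approved_software.get(name)
            if latest is None:
                findings.append((host, "unauthorized-software", name))
            elif version_key(installed) < version_key(latest):
                findings.append((host, "missing-patch", f"{name} {installed} < {latest}"))
        for service in sorted(set(endpoint["services"]) - approved_services):
            findings.append((host, "unnecessary-service", service))
    return os_counts, findings


if __name__ == "__main__":
    os_counts, findings = audit(INVENTORY, APPROVED_SOFTWARE, APPROVED_SERVICES)
    print(f"{len(os_counts)} distinct operating system versions: {dict(os_counts)}")
    for host, kind, detail in findings:
        print(f"{host:15} {kind:22} {detail}")
```

Comparing versions as integer tuples matters here: a plain string comparison would rank 2.9.1 above 2.10.0 and miss the outdated CRM client.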
Figuring out where to start, and how, can often be paralyzing. After all, there are dozens of software solutions on the market that claim to manage some or all of these security aspects. And the more turnkey many of these solutions claim to be, the more expensive they can be to deploy, though that is not true of all of them.
Interfocus developed LanScope Cat with the joint goals of delivering the most turnkey and the most cost-effective solution for addressing a business’s security. That’s why we’re one of the premier providers of cybersecurity software solutions to small businesses. LanScope Cat provides administrators the ability to manage all aspects involved with the SBA’s guideline to protect against viruses, malware, and spyware.
Malware Protection for Your IT Assets with Cylance
LanScope Cat incorporates Cylance’s endpoint security that can identify known and unknown malware and memory-based attacks on specific endpoints. It will regularly scan every networked endpoint to ensure that each node has the latest threat protection installed. The combined solution of LanScope and Cylance can even protect against users inserting USB drives or other peripheral devices into endpoints, or allow administrators to restrict USB drive use on more secure systems.
IT Asset Management in a Unified Platform
LanScope Cat continuously logs access to all systems, can verify each endpoint’s updates and patches, and can track software licenses and usage, allowing administrators to quickly and easily remediate problems. It can even record printers and other peripheral devices (you forgot about those, didn’t you?) and identify permitted and forbidden applications running on your network. With LanScope Cat, it’s like you have an IT administrator who also understands security.
Capabilities like these are what it takes to reduce your organization’s attack surface and ensure that you’re taking the right steps at the right time to stop attacks before they can derail your business. There’s more, and we’ll cover that in this continuing series about Small Business survival in today’s world of cyber threats. Stay tuned!