Man interacting with a virtual menu

IT Security for Small Business Doesn’t Have to be Complicated

27 Mar 2015 by Shay Moser

This article is sponsored by Sophos, one of our partners, and they provide Insight with content to share with our audience.

Many vendors assume Small and Medium Businesses (SMBs) have the expertise and full-time staff of a large enterprise to manage IT security. However, this one-size-fits-all approach results in higher costs, lower productivity and increased risk. Enterprise-­class security products are inherently complex, and SMBs’ needs are very different. Making simple products that small businesses can use is costly, which is why most vendors merely repackage their enterprise offerings for the SMB market.

Small businesses are an easy target for cybercriminals.

Even if vendors seem to ignore the needs of small businesses, SMBs present a huge opportunity for cybercriminals. Recent small business cyber security statistics that measure risk find out of the nearly 6 million employers in the United States, the vast majority of them have fewer than 100 employees.

According to the 2013 Verizon Data Breach Report covering cyber theft statistics, 40% of 621 data theft incidents confirmed in 2012 affected organizations with fewer than 1,000 employees. Recent studies point to less rigorous security at smaller firms.

In a Sophos-sponsored Ponemon Institute survey of IT managers at small to mid-sized companies, the average self-assessment score of security posture (ability to mitigate risks, vulnerabilities, and prevent cyber theft and attacks) was a 6 on a scale of 10. Respondents reported, on average, fewer than three full-time workers fully dedicated to small business network security. And respondents reported a wide range of challenges including insufficient budgets, personnel and in-house expertise.

Smaller organizations that deploy enterprise-grade security products without the specialists necessary to manage them are exposed to a wide range of risks and costs. For instance, an IT generalist may struggle to manually configure a Host Intrusion Prevention System (HIPS) with hundreds of rules, deciding instead to turn off most of the product’s functionality. In fact, only 10% of businesses use all the security features and functions they pay for.

The Cloud simplifies security.

Today’s cloud-based solutions offer easily integrated online security for small business. They are a great fit for SMBs because they’re easy to install, configure and manage, and can provide automated, real-time protection from most threats. Other simple features businesses should look for in a cloud-based security product include:

  1. Unified security management
  2. User-centric management, reporting and licensing
  3. Pre-configured settings
  4. Built-in web security filtering
  5. Coordinated web content filtering policy
  6. Quick deployment and maintenance-free, with no server to setup

According a cloud security report that was conducted by IBM, 75% of businesses are set to increase security budgets. Meanwhile, 86% of businesses are looking at cloud-based security solutions. But 44% still view the cloud as potentially vulnerable. 

SecurityIntelligence.com image about security leaders

A Business Daily publication can give you a head start on knowing what your options are with cloud-hosted SMB security. In this report, they list 13 plausible and cloud-hosted solutions that you can use to better protect your business online right now. From integrated website solutions like CloudFlare, which is a free tool that helps prevent cyber attacks, to more robust solutions like NSFOCUS, which helps deter Distributed Denial of Service (DDoS) attacks.

There are cost-effective cyber theft prevention solutions for businesses of all sizes. Thanks to cloud innovation, these newer options provide enterprise-level protection at a fraction of the cost.

There’s never been a better time to consider protecting your business than right now. Find out how the cloud can simplify your SMB security and lower costs. Talk to a specialist by calling 1-800-INSIGHT.