Harden Your Small Business Security with These Expert Recommendations

By Special Guest
Stuart R. Crawford

The cybersecurity dangers facing small businesses are legion, particularly when you don't have the internal resources available to rise to the challenge. Fighting through security issues while trying to keep your business afloat during this difficult economic era feels like adding insult to injury for many small business owners. CNBC estimates that even a basic cyberattack can cost companies an average of $200,000 -- enough to devastate your company even during the best of times. Small to mid-size businesses are the target of a significant percentage of cyberattacks, even though they typically lack the preventative and protective resources of larger organizations. We recently connected with experts from IT managed services providers around the country to get their recommendations for hardening your small business against cyberattacks.

Managing User Access with "Zero Trust" and "Least Privilege"

While internal user attacks against an organization are not the norm, technology professionals still recommend locking down user privileges to the lowest possible level of accessibility as a matter of course. Evan Eakin of Elevate Services Group notes: "You want to be mindful of who can access data, utilizing a "zero trust' and "least privilege" approach. Troy Drever of Pure IT, agrees. "Always lock down user accounts so they don't have admin-level privileges. This is an easy way to reduce the potential of an attack that doesn't cost a dime!". Another way to keep users in the loop in terms of security is through aggressive employee training, for which Holden Watne of GenerationIX is an advocate. "The biggest threat to your organization sits right in front of your keyboard -- don't forget to include regular phishing tests in your cybersecurity training." Michael Nelson of TLC Tech shared another suggestion: "Turn on Conditional Access to help limit the geographic location for logins."

Create Consistency in Your Software Update Schedule

Another key area for concern for small businesses is the update schedule for your software. "Aging platforms can be a serious security risk, and some organizations overlook patching all applications and devices against security vulnerabilities", according to Jeff Rapp of ARCIS Technology Group. Alek Pirkhalo of Infiniwiz also recommends having a solid backup plan in place so you can recover information if the need arises. "Always evaluate backup vendors to see how they handle encryption, delta copies and more." Anthony Buonaspina of LI Tech Advisors notes: "You should also perform a regular network security scan to uncover any new devices of vulnerabilities." Even security software needs to be patched on a regular basis, with Endpoint Detection and Response (EDR) becoming an important component of your overall security posture.

Maintain a Layered Approach to Security

One of the hot-button topics for enterprises is layered security, but small businesses can also find value with these strategies. "Add multi-factor authentication for users, encourage the use of strong passwords and institute web-based email scanning to stop high-level attacks", according to Carl Fransen of CTECH Consulting Group. Adam Fadli of Discovery IT also encourages MFA, along with a robust enterprise-class firewall like FortiGate that also offers SMB-friendly pricing. "Security should be applied in layers, such as email, edge and workstation", shared by Joe Cannata of Techsperts, LLC. Several of our experts also noted the importance of having a proactive IT security risk assessment and network review performed on a regular basis to help ensure that your brand reputation and revenue are protected from cyberattacks.

Prepare for the Worst

Nearly every technology guru we consulted shared the need to be prepared in the event of a disaster. Backups should be well-secured and tested regularly. Jeff Rapp of ARCIS Technology Group summed up the thinking of the group: "There's a strong possibility that your business will be hit by ransomware at some point. Making sure you have disaster recovery technology solutions and plans in place can help you avoid paying the ransom -- and getting your business back up and running quickly."

While there are plenty of suggestions from this group of high-tech leaders, one final recommendation was from John Beyer of Realized Solutions. "Look for technology solutions that can help automatically block dangerous activity or create notifications for your team. One example is DMARC, or Domain-based Message Authentication, Reporting & Conformance." Staying ahead of the trends on the technology front will help your small to mid-size business maintain consistent operations during the COVID-19 crisis and beyond.

Related Articles

Ireland's Welltel to Boost Managed Services Offering with Acquisition of Novi

By: Tracey E. Schelmetic    7/10/2020

Welltel, an Irish end-to-end communications provider, announced last week that it has acquired Kildare, Ireland-based IT service provider Novi. The go…

Read More

MSP CEOs Reidentifying Themselves

By: Special Guest    7/9/2020

The term CEO, which stands for Chief Executive Officer, is commonly used by executives who run large companies. However, many business owners and entr…

Read More

Nickel Advisors Discusses The Benefits Of Online Financial Tools?

By: Special Guest    7/8/2020

With so many advancements in technology, it's no wonder more people are turning to apps and websites to help with their daily lives. Using online fina…

Read More

Louisiana Now Requires MSPs Serving Government to Register: Here's Why It's a Great Idea!

By: Special Guest    7/8/2020

Though managed service provider registration has been discussed, it's only recently come into play. Louisiana Act 117 was recently signed into law to …

Read More

QuestBlue Signs on as a Platinum Sponsor for MSP Expo 2021, #TECHSUPERSHOW

By: TMC    7/7/2020

TMC today announced QuestBlue has signed on a Platinum sponsor for MSP Expo (part of #TECHSUPERSHOW), being held February 9 - 12, 2021 at the Miami Be…

Read More