SMB Security Suite

Design to Manage : Basic to Advanced

SMB Security Suite
Share on facebook
Facebook
Share on twitter
Twitter
Share on linkedin
LinkedIn

Cyber security is a hot topic these days.  It’s an area where no matter what, you can always pay more.  Unfortunately, a lot of our competitors lead this discussion with fear.  We believe 90% of small and medium sized businesses can adequately protect themselves with a nominal investment.  At Generation IX, we include entry level coverage in our “All-In” contract.

However, a handful of our clients do need next level security.  To better understand what is out there, I sat down with our Solutions Architect, Shawn Sachs.  This guy has a brain for tech, and can also break it down into non techie terms.

In this post I go over:

Key Considerations when designing a security suite:

Cloud vs. on-premise vs individual workstations vs. mobile devices
  • Where is the information stored?
Threat: company vs. individual
  • Are we trying to protect an entire company, or just a specific individual?
  • Is it all members of the company or just a few select departments?
  • Just the VIPs?
Pointed attacks vs. shotgun attempts
  • What is the likely hood of you or your firm being specifically targeted?
  • What is the demographic of the firm?
Financial vs company data
  • Is the threat to financial information or to proprietary data?
Threat: losing data or somebody learning information
  • Is the concern losing access to information? Or a third party gaining access to company/personal secrets?
  • For lost access, is temporary loss acceptable?

Next We Identify Vulnerabilities

 External Threats

Here we are looking at what is trying to get through or around your firewall.  The first step in protecting from external threats is limiting what can be accessed from the outside.  

  • What applications are facing the outside?
  • What applications/data can be accessed offsite?

* This does not include hosted applications.

 Internal Security Threat

Once they’re “in,” how hard it is to jump around from device to device.  After the trojan horse gets in, are the soldiers running wild or are we able to quickly quarantine and close off sections.

Examples of internal protections that require no extra software investment:

  • Properly VLAN: a VLAN virtually segments a network to prevent hopping around.  
  • Regularly applying patches: security updates for hardware and software.
  • Misconfiguring: Make sure all security vulnerabilities are for business reasons and not mistakes.
  • Demilitarized zone (DMZ): Additional subnet added to be a buffer between the internet and internal network

Security Suite: The Basics

In addition to properly setting up a network, there are some standard security services we recommend for all businesses.

Antimalware (Antivirus)

Antivirus is the term most people know.  Viruses fall under the larger malware umbrella.  Malware includes viruses, spyware, adware, nagware, trojans, worms, and more. All computers should have antimalware in place.

Employee Education (Phishing)

Phishing attacks are getting better and better.  These refer to fraudulent attempts to learn usernames, passwords, financial information, or other personal data using the guise of a trustworthy entity.   One of the best protections for this is employee education.

Additional Phishing Precautions:

  • Simulate phishing attacks.  This way you can now which users are the most susceptible.
  • With some simulations, the employee can be suggested trainings when they are caught.
  • Outlook add-in: Detects and reports phishing attempts.
Auditing Security: Access Control

Businesses grow and shrink.  They experience turnover.  In small and medium sized businesses, roles can change often.  Employees don’t always appreciate when you take access away from them.  For all of these reasons, it is important to regularly audit who has access to what.

Commonly, the owner wants admin rights.  He/she owns the place and needs to have the keys to the kingdom.  While we agree, it is important he/she doesn’t actually use the master passwords.  They are the most vulnerable to cyber attacks.

Multi Factor Authentication

It is inconvenient and can be the cause of great frustration.  However, there is no excuse for not having 2 factor authentication; at minimum, your email should be guarded.  It is not an end all protection, but it does stop majority of the phishing attacks. The next step up would be to use 2-FA for any internal applications that face the internet.

Security Suite: Examples of Advanced

High end security suites are highly customized and tailored to each business or firms needs.  The first step is answering the questions at the start of this post.  Next, is the security assessment.

Security Assessment:

Vulnerability and penetration testing (internal and external).  Below are a few vendors for software that can be used to expose all potential holes in a businesses defense.  

  • Nessus
  • Metasploit
  • Qualys

These tools can be helpful, but we highly advise you leave it to the Pros.

Advanced threat detection:

Comprehensive end point control and monitoring tools can be used in firms that want that extra level of security. Below are two of the leaders in the space.

Carbon Black vs Crows Strike

These tools are becoming more important in the world of smart devices.

Behavior Monitoring tools

Are employees sending company data in their personal email?  Are they saving files to a dropbox account the business owners don’t know about?  The barrier to technology is getting lower and lower.  This can result in unplanned adoption of new tools.  We are talking about Shadow IT.

Enter tools like Veratio: According to its website the tool “specializes in providing insight and actionable intelligence into the activities and behaviors of users: employees, contractors, and those who seek to steal their credentials.”

Firewall log monitoring

Realtime analysis of attempts to penetrate a firm’s firewalls.  All firewall activity is logged, and this log can be analyzed using third party tools.  Services like Graylog, Rapid7, and AlientVault can help anticipate future attacks.

Cyber Insurance

At the end of the day, the best security insurance is insurance.  Firms that offer cyber insurance can help with before, during, or after a cyber attack.  How to valuate what you lost? These guys can help:

Don't Wait for an Attack

"According to the U.S.’ National Cyber Security Alliance, 60 percent of small companies that sustain a cyber attack are out of business within six months."

Contact your IT provider to find out what else you could be doing to improve your firm’s security. 

SMB Security Suite

SMB Security Suite

Written by Reed Watne

Share on facebook
Share on twitter
Share on linkedin

Cyber security is a hot topic these days.  It’s an area where no matter what, you can always pay more.  Unfortunately, a lot of our competitors lead this discussion with fear.  We believe 90% of small and medium sized businesses can adequately protect themselves with a nominal investment.  At Generation IX, we include entry level coverage in our “All-In” contract.

However, a handful of our clients do need next level security.  To better understand what is out there, I sat down with our Solutions Architect, Shawn Sachs.  This guy has a brain for tech, and can also break it down into non techie terms.

In this post I go over:

Key Considerations when designing a security suite:

Cloud vs. on-premise vs individual workstations vs. mobile devices
  • Where is the information stored?
Threat: company vs. individual
  • Are we trying to protect an entire company, or just a specific individual?
  • Is it all members of the company or just a few select departments?
  • Just the VIPs?
Pointed attacks vs. shotgun attempts
  • What is the likely hood of you or your firm being specifically targeted?
  • What is the demographic of the firm?
Financial vs company data
  • Is the threat to financial information or to proprietary data?
Threat: losing data or somebody learning information
  • Is the concern losing access to information? Or a third party gaining access to company/personal secrets?
  • For lost access, is temporary loss acceptable?

Next We Identify Vulnerabilities

 External Threats

Here we are looking at what is trying to get through or around your firewall.  The first step in protecting from external threats is limiting what can be accessed from the outside.  

  • What applications are facing the outside?
  • What applications/data can be accessed offsite?

* This does not include hosted applications.

 Internal Security Threat

Once they’re “in,” how hard it is to jump around from device to device.  After the trojan horse gets in, are the soldiers running wild or are we able to quickly quarantine and close off sections.

Examples of internal protections that require no extra software investment:

  • Properly VLAN: a VLAN virtually segments a network to prevent hopping around.  
  • Regularly applying patches: security updates for hardware and software.
  • Misconfiguring: Make sure all security vulnerabilities are for business reasons and not mistakes.
  • Demilitarized zone (DMZ): Additional subnet added to be a buffer between the internet and internal network

Security Suite: The Basics

In addition to properly setting up a network, there are some standard security services we recommend for all businesses.

Antimalware (Antivirus)

Antivirus is the term most people know.  This is mainly due to marketing.  Viruses fall under the larger malware umbrella.  Malware include viruses, spyware, adware, nagware, trojans, worms, and more. All computers should have this defense in place.

Employee Education (Phishing)

Phishing attacks are getting better and better.  These refer to fraudulent attempts to learn usernames, passwords, financial information, or other personal data using the guise of a trustworthy entity.   One of the best protections for this is employee education.

Additional Phishing Preventions:

  • Simulate phishing attacks.  This way you can now which users are the most susceptible.
  • With some simulations, the employee can be suggested trainings when they are caught.
  • Outlook add-in: Detects and reports phishing attempts.
Auditing Security: Access Control

Businesses grow and shrink.  They experience turnover.  In small and medium sized businesses, roles can change often.  Employees don’t always appreciate when you take access away from them.  For all of these reasons, it is important to regularly audit who has access to what.

Commonly, the owner wants admin rights.  He/she owns the place and needs to have the keys to the kingdom.  While we agree, it is important he/she doesn’t actually use the master passwords.  They are the most vulnerable to cyber attacks.

Multi Factor Authentication

It is inconvenient and can be the cause of great frustration.  However, there is no excuse for not having 2 factor authentication; at minimum, your email should be guarded.  It is not an end all protection, but it does stop majority of the phishing attacks. The next step up would be to use 2-FA for any internal applications that face the internet.

Security Suite: Examples of Advanced

High end security suites are highly customized and tailored to each business or firms needs.  The first step is answering the questions at the start of this post.  Next, is the security assessment.

Security Assessment:

Vulnerability and penetration testing (internal and external).  Below are a few vendors for software that can be used to expose all potential holes in a businesses defense.  

  • Nessus
  • Metasploit
  • Qualys

These tools can be helpful, but we highly advise you leave it to the Pros.

Advanced threat detection:

Comprehensive end point control and monitoring tools can be used in firms that want that extra level of security. Below are two of the leaders in the space.

Carbon Black vs Crows Strike

These tools are becoming more important in the world of smart devices.

Behavior Monitoring tools

Are employees sending company data in their personal email?  Are they saving files to a dropbox account the business owners don’t know about?  The barrier to technology is getting lower and lower.  This can result in unplanned adoption of new tools.  We are talking about Shadow IT.

Enter tools like Veratio: According to its website the tool “specializes in providing insight and actionable intelligence into the activities and behaviors of users: employees, contractors, and those who seek to steal their credentials.”

Firewall log monitoring

Realtime analysis of attempts to penetrate a firm’s firewalls.  All firewall activity is logged, and this log can be analyzed using third party tools.  Services like Graylog, Rapid7, and AlientVault can help anticipate future attacks.

Cyber Insurance

At the end of the day, the best security insurance is insurance.  Firms that offer cyber insurance can help with before, during, or after a cyber attack.  How to valuate what you lost? These guys can help:

Don't Wait for an Attack

"According to the U.S.’ National Cyber Security Alliance, 60 percent of small companies that sustain a cyber attack are out of business within six months."

Contact your IT provider to find out what else you could be doing to improve your firm’s security. 

Have questions about how you can improve your security?