Cybersecurity is among the top priorities for companies concerned with growing threats. Yet, many SMBs are not making cybersecurity a top priority. In fact, 43 percent of cyberattacks are targeted at SMBs, but only 14 percent are prepared for an attack. It’s no wonder they are a perfect target for cybercriminals.
The lack of knowledge and expertise small to medium sized business have when it comes to cybersecurity and how to protect their business is where we, as an MSP, come into play. MSPs can work with SMB clients to not only protect them from the dangers, but also educate them.
The plan
Using a combination of low and high-tech strategies can ward off the dangers of the ever-growing number of cyber threats. Many of the low-tech strategies can assist in protecting against social engineering and the risks associated with human error. Meanwhile, high-tech strategies can aid in combating against the larger, outside threats such as ransomware attacks, viruses, and other harmful actors.
It is important to implement a multi-faceted plan when it comes to cybersecurity, as vulnerabilities from the inside are just as dangerous as those from the outside. As I’m sure you’ve heard plenty of times ‘all it takes is one person to click on a malicious link.’ The saying has been used everywhere, but could not be more true. The damage done from one employee clicking on a harmful link in an email can cause just as much harm as a hacker exploiting a weak firewall.
Low-tech strategies that SMBs should implement
- Educate and train employees– Notify everyone of the risks associated with bad cyber hygiene and how those negligent behaviors at home translate into the workplace. It’s also a good idea to teach your staff how to spot phishing emails and other common social engineering attacks.
- Limit employee access- Ensure that only those employees that need access to sensitive data, files, and documents have access. When every employee has access to every resource, you run a higher risk of exploitation.
- Utilize multi-factor authentication– Employing MFA for all logins will add an extra layer of protection.
- Have a plan in place for when an attack happens– Even companies that have the highest-grade security can still become victim to an attack, so thinking you won’t be a victim is a huge mistake. Ensuring everyone knows what to do if an attack happens will mitigate your risks and prevent further damage.
High-tech strategies that SMBs should implement
- Back up data and files daily– In the event of a ransomware attack, your files can be retrieved without having to pay a large sum of money, since your data will have been stored safely elsewhere.
- Assess risk and vulnerabilities routinely. This should be done on computer networks and applications to find potential problems before they arise.
- Install AND update anti-virus, network firewall, and information encryption tools– Many SMBs have firewalls and an anti-virus, but the problem is that they have not been updated in a long time. This is almost as bad as not having the two because both are your first line of defense against attacks.
- Implement cyber analytics tools to proactively look for and combat attacks– Having a tool that works proactively to detect and immobilize suspicious activity before it becomes a real threat can save SMBs time, money, and stress.
Making sure that your customers use each of these strategies in combination with each other can help your MSP in multiple ways. Achieving this balanced approach will limit the amount of cybersecurity incidents and the damage control that your MSP will have to deal with. At the same time, it proves that you are knowledgeable in your services and the cybersecurity landscape, which will make your MSP’s clients more appreciative of your partnership.
Photo: Anatoli Styf / Shutterstock