5 Tips for Securing an SMB Network


The need for small and medium businesses (SMBs) to protect their networks and the data inside them is becoming more important every day. Not only are threats and intrusions on the rise, but the cost of data breaches is also on the rise.

The 2010 Annual Study: U.S. Cost of a Data Breach, released this March by the Ponemon Institute and sponsored by Symantec, shows that the cost of a breach continues to increase. In 2010, the cost of a single breach reached $214 per compromised record (up $10 over 2009) and averaged $7.2 million per data breach event (up seven percent from $6.8 million in 2009). Total breach costs have grown every year since 2006.

The study found that it's not only the direct costs of a data breach such as notification and legal defense costs that impact the bottom line for companies, but indirect costs such as lost customer business due to abnormal churn.

Two of the report's key findings are very relevant to SMBs:

Malicious or criminal attacks are the most expensive attacks -- and are on the rise. In this year's study, 31 percent of all cases involved a malicious or criminal act, up seven points from 2009, and averaged $318 per record, up 43 percent from 2009.

Negligence remains the most common threat. The number of breaches caused by negligence edged up one point to 41 percent and averaged $196 per record, up 27 percent from 2009. This reflects the ongoing challenge of ensuring employee and partner compliance with security policies.

According to Verizon's most recent threat report, SMBs are at greater risk as hackers focus on smaller targets of opportunity. They are also more vulnerable to network intrusions because they are less able than enterprises to afford the technology or IT expertise maintain a strong defense.

For most SMBs, the budget-savvy answers to their security concerns lie in some combination of adopting:

    • a layered approach to security;
    • securing endpoints;
    • deploying data loss prevention (DLP) measures;
    • using unified threat management (UTM) appliances; and
    • leveraging managed services.
Let's take a quick look at each one of these approaches:

Tip No 1: Adopt a layered approach - Each network node, wired or wireless, should be protected, said David Dadian, CEO of powersolution.com, a VAR in Ho-Ho-Kus, New Jersey. "An SMB needs to have protective measures for data at rest and in transit, and to maintain control of mobile devices."

Tip No 2: Secure endpoints - It's vital to secure anything that attaches to your network, whether it's a server, USB drive or mobile phone. Each carries threats. Patching endpoints, performing vulnerability assessments, remediation, and enforcing corporate compliance are all part of effective endpoint security.

Tip No 3: Deploy data loss prevention (DLP) - Look for a solution that moves data loss from detection to prevention and avoids false-positives by engaging users to remediate.

For example, Check Point's DLP Software Blade can block an email containing sensitive financial information to an external recipient, alert the user in real-time of the potential breach and ask him to discard the email, send it if it is a valid communication -- i.e., to an external auditor -- or review it to understand the issue.

Check Point's DLP not only prevents data loss but also educates users on corporate policies while enforcing them.

The Check Point solution is available as a stand-alone appliance and as a software blade that can be deployed on all Check Point security gateways. Both products are centrally managed through a single security management console, which reduces complexity and operational overhead.

Tip No 4: Use unified threat management (UTM) appliances - The UTM concept is based on the assumption that a combination of security solutions bundled in the same appliance creates a better and cheaper security umbrella for organizations.

Typical UTM solutions include a firewall, intrusion prevention system/intrusion detection system (IPS/IDS), an AV (antivirus) component, an AS (anti-spam) component, and a virtual private network (VPN).

Check out our article A Guide to Free Antivirus Software for a review of four of the most popular anti-virus software downloads.

"A next-generation firewall is not enough to protect network infrastructure, internal and external," said Dadian. "We deploy UTMs from Fortinet because its products deliver data loss protection and anti-virus, as well as a high performance firewall."

Tip No 5: Leverage managed services - "More and more SMBs choose managed security or SaaS because it gives them a reliable, outsourced solution at a fixed monthly fee," said John Keenan, VP of Distribution, Americas for SonicWALL.

Keenan said managed services are a great business for VARs, because they enable them to consolidate their line cards, provide management tools to their customers, and generate recurring monthly revenue.

By using SonicWALL's Global Management System, a VAR can manage thousands of customer sites from a centralized location and provide a full range of network security solutions, including SonicWALL's line of Internet security appliances, wireless products, intrusion prevention, and gateway anti-virus.

Herman Mehling has written about IT for more than 25 years. He has worked for many leading computer publications and websites, including Computer Reseller News, eWeek, and InformationWeek. Currently, he contributes regularly to Devx.com and Enterprisestorageforum.comas well as ProjectManagerPlanet.com