Information Security, SMBs Are Vulnerable to Malware Attack

Network Security. Cyber Security. Information Security.  These are terms that are buzzing around small businesses, mid to large business, IT professionals and their teams.  Questions like “how large it the threat?  Is my business really a target?  What reasonable steps should I take? are often difficult to raise and even more difficult to answer.

Optimum Networking partners with Webroot to help ensure our clients’ endpoint protection.  As a trusted Managed Service Provider, our clients rely on our Support Desk, Onsight Engineers, Professional Services Team and Information Technology Business Strategy specialists.

Webroot—the Colorado based and international leader in anti-virus and anti-malware software—has released a white paper titled “SMBs are Vulnerable to Malware Attacks—10 reasons clients need a layered security strategy to stay safe”.

Here is a summary of their report:

  1. It’s not a matter of if you will hacked, but when—This is about awareness. The threats are so pervasive and non-discriminatory, that no company is safe. From solo entrepreneurs to SMB to enterprise companies, the bad guys cast a wide net.  You need to prevent as much as you can, and mitigate the damage when possible.
  2. The landscape evolves constantly—The bad guys present a moving target. If they remained the same, we would have beaten them by now.  No matter how good your internal IT professional or consultant is, they can’t stay up to date on all the latest threats. You need an expert team like Optimum Networking and updated tools from a quality vender like Webroot.
  3. End users may not know security best practices—the number one vulnerability to any system is always the human factor. You can have the best security system installed in your house, but if you leave the front door open or don’t activate the alarm, or worse yet, invite the criminal in and give him access to your valuables, all your security investment will go to waist. You may think you and your employees are savvy enough not to do this, but don’t be too sure.  Talk to Optimum about employee training and testing programs.
  4. Lack of effective security policy—barring all your employees “seeing the light” and adopting low risk, sound cybersecurity practice, you need to have policies in place (if for no other reason than to Cover Your Assets). If you in-house or contracted business attorney does not specialize in this, let us know and we can point you in the right direction.
  5. Exposure to multi-vector attacks—Think of all they ways you and your employees interact with the cyber world: email, attachments, links, web browsing, hosted applications, hosted servers, backups, mobile phones and more. These are all vulnerability points and requi
    re a comprehensive information security plan.
  6. Complex security platforms create administrative challenges—the more complex the threat, the more difficult (and costly) the response can be. By leveraging systems already in place from teams like Optimum Networking and services like Webroot, you can save your organization critical time and money.
  7. Out-of-date systems create vulnerabilities—Update Update Update. In the past you updated to get the latest or greatest features of your software or just for compatibility issues. Now updates are critical to maintaining data security patches.  When your IT professional tells you it is time to update, listen.
  8. Poor data backup practices—Backup Backup Backup. This is written three times for a reason.  Backup, then replicate the backup offsite, then monitor and test your backups on a regular basis. This will not prevent an attack, but it will mitigate the damage tremendously.
  9. No network visibility—tools to monitor your network can be cumbersome and costly. Optimum Networking can provide this visibility so our engineers can keep an eye on your systems, and provide ongoing reports for your peace of mind.
  10. Compliance issues—which can cause more harm to your business: the cyber criminals or the well-meaning bureaucrats that will impose fines, sanctions or worse on your company for non-compliance? Pick your poison, or work with Optimum to discover what boxes you need to check off to avoid trouble and implement just the right amount of information security.  And be careful, your biggest clients will be imposing compliancy requirements soon if they haven’t already.

If you can honestly say you have each of these items covered, sleep well tonight.  If not, please reach out to Optimum Networking so we can do an information security audit and help get you and your company on the right track.