Common Cybersecurity Pitfalls for SMB Networks
Previously, there was an office firewall, and everything inside this discrete location was trusted. Today, with remote work, the traditional concept of a perimeter has vanished. Employees are working from home, from the airport or from a café, and proprietary data is on Microsoft 365, Salesforce or a dozen other Software as a Service applications. Your network is now wherever your people are going to be, which can be anywhere outside of an office.
The new perimeter is identity, and the question isn't, “Are you inside our building?”
It's, “Are you the right person, on a healthy device, doing something normal for your role?”
If SMBs are still trying to defend with the castle-and-moat model, that won’t work anymore. And with Ransomware as a Service and AI-assisted phishing, the cost of going after a 50-person company is now almost the same as going after a 5,000-person company.
Here are the common weaknesses I’ve consistently noticed that SMBs share:
- A flat network, where one compromised laptop can essentially reach everything
- Over-reliance on a perimeter firewall that typically protects an entire company as the single line of defense
- Inconsistent patching on firewalls and switches
- Shared administrator access rights
- Lack of multifactor authentication
- Limited visibility, so when an attack does happen, SMBs are hearing from a bank first, not their own monitoring
- Lack of backup options, so there’s no way to restore the data before the attack
SMBs often have lean IT teams, and they don’t always have the bandwidth or capabilities to configure solutions beyond out-of-the-box expectations. They could be missing out on configurations that support more backup and recovery.
Zero-Trust Security Is Not a Product You Buy
At this point, the importance of zero-trust security has been shared far and wide. It’s not a massive enterprise project that small businesses don’t need. In fact, the elements that cover zero trust are crucial to keep SMBs safe and operational:
- Multifactor authentication
- Segmentation and inventory, or managing what’s in your environment
- Endpoint detection and response
- Backup and recovery
- Regular employee education and training
No matter the size, businesses must verify every user (human and AI) and device in their environment. And when access is granted, it should be only for what the user needs, not a blanket permission. Also, if IT admins don't know what they have on their networks, that’s an extreme vulnerability. It's essential to understand what you have in your environment. Every identity within a business needs to have a policy attached to it.
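One way to check an inventory for the gaps named in this article: identities with no policy attached, blanket permissions, missing multifactor authentication, shared administrator access and devices nobody has inventoried. This is an added example, not part of the original article; the inventory format, field names and sample records are assumptions constructed for illustration.

```python
from collections import defaultdict

# Constructed sample inventory: every name, field and value is illustrative.
IDENTITIES = [
    {"id": "alice", "kind": "human", "mfa": True, "admin_account": None,
     "policy": ["m365:mail", "crm:read"]},
    {"id": "bob", "kind": "human", "mfa": False, "admin_account": "it-admin",
     "policy": ["m365:mail"]},
    {"id": "carol", "kind": "human", "mfa": True, "admin_account": "it-admin",
     "policy": ["*"]},
    {"id": "report-agent", "kind": "ai", "mfa": False, "admin_account": None,
     "policy": None},
]
KNOWN_DEVICES = {"LT-001", "LT-002"}                  # what IT has inventoried
SEEN_ON_NETWORK = {"LT-001", "LT-002", "UNKNOWN-7F"}  # what is actually connected


def audit(identities, known_devices, seen_devices):
    """Return sorted (subject, finding) pairs for the gaps the article lists."""
    findings = []
    admin_users = defaultdict(list)
    for ident in identities:
        name, policy = ident["id"], ident.get("policy")
        if not policy:
            findings.append((name, "no policy attached"))
        elif "*" in policy:
            findings.append((name, "blanket permission"))
        # MFA is checked for people only; AI and service identities rely on policy.
        if ident["kind"] == "human" and not ident.get("mfa"):
            findings.append((name, "no MFA"))
        if ident.get("admin_account"):
            admin_users[ident["admin_account"]].append(name)
    # One admin account used by several people means actions cannot be attributed.
    for account, users in admin_users.items():
        if len(users) > 1:
            findings.append((account, "shared admin account: " + ", ".join(sorted(users))))
    # Anything on the network that is missing from the inventory is unmanaged.
    for device in seen_devices - known_devices:
        findings.append((device, "device not in inventory"))
    return sorted(findings)


if __name__ == "__main__":
    for subject, finding in audit(IDENTITIES, KNOWN_DEVICES, SEEN_ON_NETWORK):
        print(f"{subject:14} {finding}")
```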
Secure access service edge is another benefit for SMBs. SASE bundles secure web access into one cloud-delivered platform, so instead of buying and managing five different boxes (as many customers do), IT teams get consistent policy whether users are in the office, at home or in a coffee shop.
Last, train your people right. Phishing is a huge threat, and it’s going to continue to be a major issue as AI models improve. Data security, now more than ever, takes center stage. Employees pasting sensitive data into AI tools has become a huge topic of conversation, and the question shifts from “Is my network secure?” to “Where is my data going, and what is touching it?” I think it's critical to have governance and policies over what employees are putting into AI and essential that we have parameters in place to ensure nothing is leaking to the public.
Ultimately, it’s about resilience over prevention. The smartest small businesses will stop trying to prevent every incident and start investing in the ability to detect, respond and recover quickly. Assume that a breach will happen, and then design for fast recovery. Expect the worst, but know what you're going to do if the worst comes.
This article is part of BizTech's AgilITy blog series.
