Large company breaches and cyber attacks seem to dominate the headlines, but what we don’t hear much about is the devastation that cyber attacks have on a small to mid-size business. The media’s fascination with Advanced Persistent Threats (APTs), nation state attacks and cyber warfare, are lulling SMBs into a false sense of security; it’s easy to say, “It wouldn’t happen to me” or “We are too small for anyone to notice” or “We are not worth attacking?”
This line of thinking creates an opportunity - and a responsibility - for MSPs to educate and equip their customers against security threats that can cripple their businesses. SMBs make excellent targets for criminals. In fact, the number of attacks aimed at SMBs doubled in 2012 from 18% to 36%. Here are a few reasons why MSPs should be discussing network security, or lack thereof, with their SMB clients.
Smaller Targets are Appealing
Sensational stories always make the news, but the truth is, SMBs are targeted specifically because of their small size. Fewer IT resources make it likely that attacks won’t be noticed until the damage is done. According to a 2012 study conducted by the NCSA and Symantec, one in ten SMB owners say no one is responsible for online and cyber security at their business, and only 10% said they had a formal written Internet security policy.
End Users aren’t sophisticated
Even when companies have a dedicated IT practice, users can unwittingly allow attackers to infect their systems, whether through malware or phishing attacks. The growth of BYOD and the nomadic workforce increase the chance that infected devices could be operating on your SMB clients networks.
Networks are Insecure
Without IT personnel to implement best practices, most smaller business rely solely on anti-virus software to protect their data. However, in today’s threat environment, this alone is not enough to ensure endpoints are secure. By adding network-layer protection, MSPs can stop malware before it even reaches their customers’ endpoint devices and contain data leaks before they get out of hand. Today’s attackers are sophisticated and proactive – security solutions should do the same.
Putting Partners at Risk
As the global Internet economy grows, business is increasingly being conducted online. Although SMBs themselves may be small, their networks are not – something attackers are counting on. As this Fox News article explains, SMBs can be the perfect conduit for hackers to access the infrastructure of other companies. Consider business partners for a moment. They might include major corporations or government entities – all the more reason a comprehensive security solution is essential.
Customer Data and Trust at Stake
One of the most severe repercussions of a cyber attack for SMBs can be the loss of customer data – and consequently, trust. SMBs have data attackers want: credit card numbers, bank account credentials, and customer data. Their business will be liable should a breach occur. It only takes one security incident for customers to become unwilling to share their information with your client –60% of small businesses close within six months of a cyber attack.
As an MSP, if your customers are relying entirely on anti-virus technology for web security, you’re encouraging them to leave their network wide open. The five reasons above explain the threats and risks in tangible terms any business owner would understand. Recommending a network-layer security service is an easy, cost-effective alternative for delivering comprehensive protection from web attacks without cumbersome administrative overhead.
For more information about how network-layer security can help your business, visit our Umbrella for MSPs.
Dima Kumets is Product Manager at OpenDNS