https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • Analytics
    • Artificial Intelligence
    • Cloud
    • Data Centers
    • Desktop
    • IoT
    • Mobility
    • Networking
    • Open Source
    • RMM/PSA
    • Security
    • Virtualization
    • Voice/Connectivity
  • Strategy
    • Back
    • Best Practices
    • Business Models
    • Channel 101
    • Channel Programs
    • Channel Research
    • Digital Transformation
    • Diversity & Inclusion
    • Leadership
    • Mergers and Acquisitions
    • Sales & Marketing
    • Specialty Practices
  • MSSP Insider
    • Back
    • Business of Security
    • Cloud and Edge
    • Endpoint
    • Network
    • People and Careers
    • Training and Policies
  • MSP 501
    • Back
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Our Sponsors
    • From the Industry
    • Content Resources
    • COVID-19 Partner Help
    • Galleries
    • Podcasts
    • Reports
    • Videos
    • Webinars
    • White Papers
  • EMEA
  • Awards
    • Back
    • Excellence in Digital Services
    • 2020 MSP 501
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Partners Evolution
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
  • Channel Mentor
    • Back
    • Channel Market Intelligence
    • Channel Educational Series
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Digital Service Providers
  • Cloud Service Providers
  • CHANNEL PARTNERS ONLINE
 Channel Futures

From the Industry


The What, Why and How of Small Business Security Threats

  • Written by Intronis Guest Blog 2
  • March 27, 2014
Big business security breaches are the stories that most often make headlines, but small businesses shouldn’t think their size makes them any less immune to the same problems.

You may remember the popular catch phrase that was bandied around after the 2008 financial meltdown: “too big to fail.” The implication was that certain financial institutions are so large and so interconnected that their failure would be disastrous to the economy.

While it can be argued this mindset is flawed and dangerous, companies at the opposite end of the spectrum can suffer from a similarly flawed belief, which can be paraphrased: “too small to be noticed.” What this refers to is the false notion that cybercriminals who make a living exploiting companies’ IT systems won’t waste their efforts with such small pickings.

Following are some facts that point to a very different reality about the security challenges SMBs are facing (the what), some insights into why this is happening, and concluding with some tips for how IT service providers can help.

What Security Challenges Are Small Businesses Facing?

The 2013 Verizon Data Breach Investigations Report, which corroborates the findings of 19 global organizations on studying and combating data breaches, identified 621 confirmed data breaches in 2012. Of that number, 193 (31 percent) were from businesses with 100 or fewer employees and another 9 percent were attributed to organizations with between 101 and 1,000 employees. The average cost of a data breach, according to a 2010 joint study conducted by Applied Research and commissioned by Symantec, is $188,242 per year. Most SMBs would struggle with that kind of financial hit – and a good number would experience layoffs or worse as a result.

Shedding additional light on the subject is The Symantec 2013 Internet Security Threat Report, which notes that the attacks to small businesses in 2012 (which the report defines as businesses with fewer than 250 employees) were up 18 percent over the previous year. Additionally, McAfee, in conjunction with Office Depot, conducted a survey of more than 1,000 SMBs and found some additional surprises:

  • Only 9 percent of SMBs use endpoint/mobile device security despite the widespread use of employee-owned devices (i.e. BYOD)
  • 45 percent of SMBs take no measures to secure company data on employees’ personal devices
  • 80 percent of SMBs don’t use data protection in general
  • Less than 50 percent use email security
  • Only about 50 percent use Internet security technologies.

Rounding out the state of SMB security is research from PriceWaterhouseCoopers, which discovered that 96 percent of PCs are not adequately backed up. In other words, when malware, security breaches, and other security-related issues strike, the chance of data loss and downtime is high among SMBs.

Why do Cybercriminals Value Your SMB Customers’ Data so Much?

Now that we’ve established the fact that SMBs as a whole are in a pretty vulnerable state, the big question is why are cybercriminals starting to hone in on this group? One reason is that larger corporations are investing more heavily in sophisticated security strategies, which is forcing cybercriminals to seek lower hanging fruit. A recent presentation from IT security consulting firm Kalki Consulting, suggests cybercriminals have four primary motivations for targeting SMBs, including:

  1. Extortion and/or Financial Gain. Ransomware malware such as CryptoLocker is becoming a big problem for unsuspecting SMBs. Ransomware attacks occur when criminals break into the victim’s computers and encrypt all data on the system, rendering it inaccessible unless a fee is paid (using a form of digital currency known as Bitcoins) in exchange for the decryption key. Without that key and without a valid backup, the victim is out of luck and unable to recover its data.
  2. Identity Theft and Payment Fraud. In 2013, more than 11 million people within the U.S. alone were victims of identity theft with the damage reaching $21 billion. Once criminals steal someone’s personal information, they use it to commit payment fraud, including misuse of the victim’s existing credit cards (64 percent of fraud incidents), misuse of the victim’s existing bank account (35% of fraud incidents), and general misuse of the victim’s personal information (14 percent)  (Source: Statistic Brain).
  3.  Medical Insurance Fraud. Cybercriminals use victim’s healthcare insurance to acquire prescription drugs that can be resold on the street as well as billing insurance companies for services not rendered in the hopes of a big payoff. The FBI estimates that healthcare fraud costs American taxpayers $80 billion a year.
  4. Spreading Malware.  So why exactly do the bad guys want to infect corporate websites and IT networks?  The cybercrime economy is mature and complex, and malware distributors have multiple methods for monetizing their trade. Often, infecting networks/websites is the first step in this insidious process. Infected networks/websites can be configured to serve Trojans or spyware that, once installed, quietly logs the PC owner’s keystrokes and sends that information back to servers controlled by cybercriminals. When users log into banking or other websites, the malware steals their credentials and sends them to the criminals. The bad guys can then access bank accounts or sell those credentials on underground forums.

How You Can Protect Your SMB Clients

Although it’s sometimes tempting to take for granted that VARs and MSPs already understand the concepts being outlined in this article, our own research found that 44 percent of technology firms depend on their clients suffering data breaches or downtime before discussing security and backup. So, the first and most pressing piece of advice is this: start communicating with your clients about the threats that are out there and why they should care.

Something else to consider is making data security, backup and recovery mandatory practices for every customer. Think about it: Do you really want to do business with clients that don’t value their businesses and data enough to protect them? Most VARs and MSPs find that the few clients lost after several attempts to educate them about data protection become a “growth through attrition” experience in the long-term.

Another important point to keep in mind with security and backup is to automate as much as possible. And, this is where software as a service and the cloud come into play. Unlike traditional security software that is sold as a one- or two-year license, SaaS-based security is sold as a subscription that never needs to be renewed. Additionally, it’s a good idea to ensure the software can be automatically updated on a regular basis and you can remotely monitor it and receive alerts should something not work properly.

And, last but certainly not least, it is imperative to ensure your customers’ data is properly backed up using a reliable enterprise solution that supports local data backups for quick data restore and secure off-site backup for disaster protection. To learn additional best practices for implementing a solid security and backup solution be sure to check out: 4 Steps to a Fool-Proof Business Continuity Plan.

Neal Bradbury is co-founder and VP of Channel Development at Intronis.

Tags: Cloud Service Providers Digital Service Providers MSPs VARs/SIs From the Industry

Related


  • 2021 predictions
    Three 2021 Predictions that MSPs Can Bank On
    Among 2021 predictions, this one is almost guaranteed: Cloud, security, and training will remain key strategies for MSP success.
  • RMM system
    Top 4 Benefits of an RMM System
    An RMM system is a crucial part of any MSP’s growth to support smooth business operations, efficient technicians, and client satisfaction.
  • BEC
    How to Mitigate the Risk of Social Engineering and BEC Attacks
    Here are several tips for staying ahead of social engineering and BEC attacks.
  • Cybersecurity
    2021 Cybersecurity Predictions
    Here are some of the drivers that will underpin organizations’ cybersecurity priorities in 2021.

One comment

  1. Avatar Anonymous December 6, 2016 @ 7:08 am
    Reply

    First of all I would like
    First of all I would like thank you for the awesome post.
    I have question for you. I am small business owner and want to know that normal remote access is secure or not from hackers and other danger.
    I have found this a blog regarding secure remote access on purevpn blog and after reading that blog I am very scared.
    please suggest

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • Cloud Migration Hurdles—and How to Overcome Them
  • Rethink Endpoint Protection in 2021
  • Tactics for Selling SaaS Backup
  • The Increasing Importance of Business Resilience and Network Agility

Galleries

View all

New, Changing Partner Programs: AWS, Tech Data, Avaya, Verizon

January 11, 2021

Industry Perspectives

View all

Help Your Customers Mitigate Malware: Viruses, Worms, and Trojans…Oh My!

January 15, 2021

SMBs’ Cybersecurity Risk Awareness Is Rising

January 13, 2021

Your Cloud Data Is Protected, But Is It Portable?

January 12, 2021

Webinars

View all

Blueprint for a Scalable MSSP Practice in 2021

January 21, 2021

Who’s Behind the Mask? Hacker Personas Explained

January 26, 2021

How Managed Hosting Providers Thrive with the Alternative Cloud

February 24, 2021

White Papers

View all

Why Subscription Business Model

January 15, 2021

The Ultimate MSP Guide to Sales Efficiency

January 14, 2021

Eight Reasons Why MSPs Need IT Industry-Specific Sales Tools

January 14, 2021

Upcoming Events

View all

Channel Partners Virtual

March 2, 2021 - March 4, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Videos and Fastchats

View all

FASTCHAT: How SOAR Eliminates Security Challenges and Elevates Service Provider Revenues

January 6, 2021

Happy Holidays from Channel Partners & Channel Futures!

December 21, 2020

FASTCHAT: How Old, Unpatched Technologies Are Creating New Security Threats for MSPs and Their Customers

December 3, 2020

Twitter

ChannelFutures

.@IBMServices snaps up #MSP Taos for #hybridcloud expertise. dlvr.it/RqggQR https://t.co/Fy3uPDtLNw

January 16, 2021
ChannelFutures

.@LenovoBusiness launches its thinnest #ThinkPad to date @CES, revamped ThinkBooks and #ThinkReality glasses.… twitter.com/i/web/status/1…

January 16, 2021
ChannelFutures

Help your customers mitigate #malware @Tech_Data #cryptolocker #antivirus #ransomware #cybersecurity… twitter.com/i/web/status/1…

January 15, 2021
ChannelFutures

Advantages of the Subscription business model for MSPs and IT Resellers @kaspersky dlvr.it/RqgDJn https://t.co/ay694fudp3

January 15, 2021
ChannelFutures

Cloud #distributor @Pax8 launches in UK with leadership team in place. dlvr.it/RqfJWx https://t.co/RsKDCowM5V

January 15, 2021
ChannelFutures

bit.ly/3oO2vFY twitter.com/Craig_Galbrait…

January 15, 2021
ChannelFutures

The Ultimate MSP Guide to Sales Efficiency @zomentum dlvr.it/Rqc63q https://t.co/rHIVLkR01K

January 15, 2021
ChannelFutures

Eight Reasons Why MSPs Need IT Industry-Specific Sales Tools dlvr.it/Rqc62k https://t.co/MQDcIYc7G9

January 15, 2021

MSSP Insider

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Channel Partners Online

Want more? Find more channel news and analysis on our sister site, Channel Partners.

Media Kit And Advertising

Want to reach our audience? Access our media kit

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Online
  • Channel Partners Events
  • MSP 501
  • MSSP Insider
  • IoT World Today
  • Webhostingtalk

WORKING WITH US

  • Contact
  • About us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X