For SMEs, deciding how much to invest in IT security operations can be difficult. You need your data to be secure and safe from hacking. With 10.52 billion attempted malware attacks identified by just one cybersecurity firm in 2018, the one certainty for modern businesses is that smaller businesses are now as much of a target as enterprises are. If businesses fail to invest in cybersecurity they could lose reputation and money if a cybercriminal is successful.

However, SMEs do not have infinite budgets for big corporate-level security systems. Money spent on cybersecurity and information security cannot be spent on other areas of the business, so you need to ensure that you are investing in solutions that provide real value and value for money.

With this in mind, we have put together a ‘must-have’ list of IT security products that every SME should invest in, along with some tips on deciding which solutions provider to choose.

1. Firewall

A firewall is your first line of defence against cyberattacks.

The type of firewall an SME needs most is called a proxy firewall or application firewall. It sits between your internal network and outside networks such as the internet. It filters traffic coming into your system, preventing malicious files from reaching your internal network.

A firewall is especially important for ‘computer-to-computer’ attacks, which do not rely on any sort of user interaction (i.e. clicking on a link). These attacks identify computers with lower security settings or unpatched vulnerabilities and insert themselves into the system. A user will often not be aware that they have a virus or are potentially passing it onto others including clients. 

How to choose a firewall

It should definitely have:

• Automatically updated virus signatures. Malware is constantly evolving. Your firewall service needs to push updates to your firewall automatically and in real time. If it relies on manual or infrequent updates, you will be protecting yourself from yesterday’s threats rather than today’s.

• High bandwidth (or no bandwidth restrictions). Firewalls need to balance thoroughness with speed. Many firewalls, if they are receiving more traffic than they can handle, will let some files through unchecked in order to avoid slowing your system down. This could be potentially dangerous for your business. You need to ensure that you have enough bandwidth to cover your peak needs, or that your next-generation firewall uses a parallel scanning system that ensures all traffic is always scanned.

• Encrypted traffic scanning. Malware increasingly tries to hide behind encryption. Your device should decrypt and inspect traffic before it reaches your system.

It should also have:

• Role-specific access control policies. Modern firewalls should allow you to block users within your firewall from accessing specific sites and site categories. For example, you may want to block your technical teams from using social media during office hours but give your marketing team access to maintain your social profiles.

2. Anti-Virus

Anti-virus is your second line of defence against cyber-attacks, protecting from malware that has already reached your computer network.

Anti-virus software will regularly monitor each of your endpoints (computers, laptops, tablets etc.). It will identify and neutralise any malware that exists within these endpoints.

How to choose anti-virus software

It should definitely have:

• Automatically updated virus signatures. As with your firewall, this is critical for dealing with the thousands of newly created attacks that are released every day.

• Behavioural and signature-based detection. It is very easy for cyber criminals to change a small element of a virus and therefore change its ‘signature’. This is why modern anti-virus systems use behavioural detection as well: identifying malicious programmes that are acting like malware, even if that specific ‘signature’ has never been seen before.

It should also have:

• Protection against fileless attacks. Fileless attacks are particularly hard to detect by anti-virus programmes, as they exist only in your computer’s memory rather than in an identifiable file. Anti-virus needs to be specifically designed to combat these attacks.

3. Email Security

Could you spot phishing attacks every time? Take Google’s quiz and find out!

Email is one of the most vulnerable points within your IT infrastructure, as it is where your users interact most directly with cybercriminals. This is why you need specific email protection.

Email security software uses a number of ‘indicators’ to identify whether an email looks potentially suspicious – these are also known as spam filters. A potentially suspicious email is then generally placed in ‘quarantine’ for review by the recipient. The recipient can view a safe copy within the quarantine and determine whether to release the email into their inbox or not.

This is important because modern email scammers are very sophisticated. Even mass phishing emails can be hard to detect. Individually targeted emails, such as attempted CEO fraud, can be almost impossible to distinguish by eye. (See a full list of email scams here.)

How to choose email security software

It should definitely have:

• Comprehensive attachment scanning. Attacks can come through documents such as PDFs, as well as online links. Your email security system needs to scan attachments as well as online material.

• Behavioural and signature-based detection. As with anti-virus, thousands of slightly different attacks are created every day. Behavioural detection is needed to identify newly created email threats.

• ‘Look alike’ and ‘sound alike’ identification. Cybercriminals will try to fool you by making the email address look like a trusted source. Your email security should detect the subtle changes that a scammer would make.

• IP address analysis. Your email security software should analyse the IP address an email has come from and assess its trustworthiness.

4. Data backup

You need to be prepared for a worst-case data loss scenario. If this does happen, having your data backed up is critical.

This means that instead of having to rebuild your system or pay a ransom to cybercriminals for your data to be released, you can reinstall a data backup and continue from where you left off. This minimises the cost to your business of events such as a successful cyberattack, disgruntled (ex)-employees deleting data or physical disasters such as a fire or flooding.

How to choose a data backup solution

 It should definitely have:

• An online component. It is up to you if you want to choose solely online backup services or to use a combination of cloud backup services and server-based backup. However, using only server-based backup leaves you vulnerable to physical disasters or theft. You do not want to lose your system and your backup simultaneously.

• Multi-level restoration. A full restoration of your entire dataset will take time. If a small portion of your system is compromised or lost, you do not want to have to pause the entire business operations and restore everything. Modern backup providers should give you the options of restoring on message, file and more comprehensive levels.

• Storage in your location. Under GDPR rules, all data about EU individuals must be stored within the EU or under comprehensive agreements if outside the EU. It is not worth taking the risk of keeping your backup data outside of the EU – ensure that it is stored in an EU data centre. Good backup providers, no matter where they are headquartered, should be able to do this for you.

It should also have:

• Encryption both in-flight and at rest. This keeps your data more secure and ensures that even if a hacker does manage to intercept the traffic, they would have to decode it as well.

• Comprehensive audit trail. This means that you can quickly see the actions that have been taken. 

5. Password Management

You can put the most comprehensive IT security in place – but if anyone in your company leaves a list of passwords on their desk, or on a file within their computer, your entire network infrastructure is vulnerable.

Users will generally have multiple systems they need to access for their job, many of which will require passwords. You need to ensure that you either have a robust password policy in place which governs password creation and storage, or an online password manager which controls the passwords for multiple log-ins via one system.

A robust password management process does not need to cost money – but not having one could do. Cybercriminals, if they do successfully breach your computer, will often specifically look for documents containing passwords. As most people reuse passwords or create similar passwords, even an outdated file could give a cybercriminal the keys to your IT system.

How to choose a password management system

It should definitely have:

• A robust way for users to remember their passwords without resorting to creating a password list.

• Differing passwords throughout the organisation. You should not resolve this issue by using one password universally – if that password is compromised then your whole system is open to the cyberattacker.

Conclusion

Being cyber-secure shouldn’t break the bank. If you ensure that you have this baseline set of products in place, your business should be able to protect itself from cyberattacks whilst staying within a reasonable budget. This ultimately protects your reputation and your bottom line, preventing costly mistakes.

If you have some gaps in your cybersecurity product line-up and are looking to fill them, get in touch today and we will be happy to help you!