Anthony Timbers: Blog
Importance Of Small Business Cybersecurity: A Guide On How To Implement Cybersecurity For Small-Medium Sized Businesses
Small and medium sized businesses are in more danger than ever in 2020, and it will only get worse by the year. What is the danger you may wonder? Well, it’s the danger of the Internet! More specifically, the danger from being attacked by hackers who want to do nothing but steal your data, money, and the respect you’ve earned in your respective industry. New attacks and vulnerabilities are discovered literally on a daily basis. The only way to avoid being at risk of being attacked is to invest in cybersecurity for your business!
I know what you may be thinking, “Well, I don’t think that they would target my small business,” or “We’ve been in business for years and have never had any issues, so why should we care about attackers and security?” or even “We have an anti-virus. We’re fine. We don’t need to invest in cybersecurity.” Well my response to these statements are:
- Think again. Small-medium sized businesses make up the majority of cyber attacks that happen. 43% of cyber attacks target small businesses alone. Honestly, you’re not very safe.
- Yes, you’ve been in business for years and have never had any issues THAT YOU KNOW OF. How do you know that you don’t have malware installed on your systems that is stealing information on a daily basis? In case you weren’t aware, large companies like Target and Wawa that invest money into their security had credit card stealing malware on all of their Point-of-Sale (POS) Stations for nearly a year before they even realized it was there! Your business could be just like this!
- Anti-virus is a good first step, but it is the most basic form of cyber hygiene and in no way enough to protect you from attackers. I could personally show anyone how to make malware that would bypass your Anti-virus in less than 5 minutes. Imagine what expert, experienced hackers can do. Point is, you need more than just an Anti-virus. That’s just the last line of defense!
Consequently, you are at risk and could have already been compromised! The solution to avoid hacker attacks, though, is simple: implement a cybersecurity plan. Anthony Timbers LLC specializes in providing these services to businesses of small-medium size. This includes creating things like an IT Security Plan to outline/define your security practices or installing various security tools to detect and prevent attacks. If a small to medium sized business were to come to us in need of help with their Cybersecurity, we would most likely do the following for them:
- Create Cybersecurity Policies to outline the Security needed for their specific business
- Install Anti-Virus on all of their computers
- Setup a private VPN if the company has remote workers
- Securely configure all of the devices on their network
- Install a Firewall at the edge of their network and securely configure it
- Setup Network Security Event Monitoring system to detect attacks in real time
- Create an Incident Response plan for when attacks do occur
- Conduct Vulnerability Assessments on a daily or weekly basis
- Conduct Internal and External Penetration Tests on a monthly or quarterly basis
- Train their employees on cybersecurity awareness
Performing the above steps would give any business an extremely high chance of defending themselves from almost any attack. The following sections will go into more detail on each of the above steps, and what Anthony Timbers LLC would specifically recommend a business to do based on how we help our own clients. If you’re interested in learning how to secure your business better or are interested in how we would approach the issue of how to secure your small or medium sized business, then continue reading!
STARTING WITH CYBERSECURITY POLICIES
The first step to implementing cybersecurity for any business is to first create cybersecurity policies. Think of these as the outline for your cybersecurity plan. They will lay the foundation for any and all things cybersecurity related. Cybersecurity policies lay out rules for things like access control, password creation, data encryption, and much more. Companies need to take policy creation seriously so that they have a reliable and recorded solution for how they will ensure that their company remains secure.
When creating policies for a business, Anthony Timbers LLC likes to take a very robust approach and provide a wide variety of cybersecurity policy documents. Some of the documents that we consider essential for your business to have are as follows:
- Information Security Policy
- Acceptable Use Policy
- Access Control Policy
- Mobile Device Policy
- Remote Access Policy
- Data Encryption Policy
- Password Policy
- Incident Response Plan
- Data Backup Policy
- Sanction Policy
- Risk Management Plan
- Disaster Recovery & Business Continuity Plan
Having these documents in place would provide a solid cybersecurity foundation for your business and allow you to be ready to implement a cybersecurity program for your company.
INSTALLING A RELIABLE ANTI-VIRUS SOFTWARE
Antivirus programs are one of the most essential and basic cybersecurity tools that you could implement for your business. Statistics say that hacker attacks occur every 39 seconds. These attacks include malware attacks on your computers. The average cost of a malware attack on a company is $2.4 million. If you do not have an antivirus, you are asking for your business to be breached. Now, when I say you need an antivirus, I do not mean the free version of any antivirus that exists. Without a paid antivirus solution, your business is missing out on many of the extra features that will protect you from basic attacks all the way up to advanced level attacks.
When implementing an antivirus solution for clients, Anthony Timbers LLC likes to use a solution that does automated system scanning, conducts hourly/daily malware signature updates, provides advanced level protection from executed malware files, can detect hidden malware, stops users from browsing to known dangerous sites, uses machine learning to detect complex or zero-day attacks, and provides a central management console to monitor the status of every computer on the entire network and respond to incidents/push out updates as necessary.
We personally recommend Bitdefender Gravityzone Advanced Business Security to our clients. It provides all of the above features and requires no hardware to be installed. We can also control it from the cloud and monitor client networks from anywhere. Bitdefender Gravityzone Advanced Business Security is the #1 rated antivirus solution for businesses and is a solid choice for any business. Some alternatives we suggest would be Symantec Endpoint Protection Cloud, Avast Business Security, or McAfee Total Protection.
CONSIDERING A VPN FOR REMOTE ACCESS
As I write this whitepaper, the world is going through the deadly Covid-19 pandemic. As a result, companies are going out of business left and right, and a lot of employees have been forced to work remotely. Now, what happens when you take the average employee at a company and send them home with a company laptop with potentially sensitive information on it? Nothing good, I’ll tell you that!
Since a large amount of the workforce has been forced to work remotely, they are at a larger risk from attack! In the case of current times, or even in the case of a company that just lets employees work remotely, they need a secure way to access company resources and to use the Internet. This is where Anthony Timbers LLC believes that a VPN comes into play. It will allow your company to setup a secure connection that cannot be intercepted or decrypted by attackers. It also will put all employees on the same private network, which is preferable for security. Be warned though: if malware gets onto a computer, the malware could gain access to the VPN. This is why having a solid remote access policy and antivirus solution is extremely important for this particular scenario. Notice how all of these things come together and work in harmony? This is how you build a cybersecurity plan that works!
We typically deploy a private VPN server for each client we work with and configure it to remain secure and not affect employee productivity. Better yet, it only costs about $1/month to maintain access for the entire company if you set the server up in AWS! This is definitely a hidden gem that other companies may not be able to provide for you!
MAKING SURE THAT COMPUTERS ARE SECURELY SETUP
Another important step to take when securing your company is to ensure that all of the computers are setup securely. Even with other security controls in place, this could be the weak link that causes an entire network to be compromised! Insecure configurations on computers welcomes attackers. If you simply buy computers for your employees and do not modify any of the default settings, you are already at great risk!
Anthony Timbers LLC recommends that companies implement system hardening by changing the default security settings that come on the device (i.e. group policy settings). Some examples include locking computers after a certain amount of time of being idle, requiring strong passwords, or even lockout out an account after a set number of failed logins. These settings can easily be implemented by setting up a domain controller that pushes all of these settings out to every computer on the private network. This is a solution that Anthony Timbers LLC would use to provide this extra layer of security on every computer.
INSTALLING A FIREWALL ON YOUR NETWORK
Network security firewall sales peaked $1 billion in 2015 for a reason: you need to prevent attackers from even making it into your network! A firewall analyzes all traffic that flows in and out of the network and decides whether or not it is allowed or blocked. From that definition, you can imagine how powerful of an asset a firewall can be.
Anthony Timbers LLC would recommend buying the proper firewall for your business needs and setting it up to prevent traffic from entering the network unless it is trusted. This takes an understanding of what traffic needs to be allowed coming in and going out. Cisco ASA Firewalls are an excellent choice. Without a firewall in place, your business is vulnerable to anyone gaining accessing your network.
USING A SIEM TOOL TO DETECT SECURITY EVENTS
Security Incident and Event Management (SIEM) tools are vital for continuous security monitoring. They allow for all of the devices on your network to push every event that happens out to a tool that correlates them together and detects attacks. This is an extremely powerful tool to have at your disposal and can help your business respond extremely fast to security breaches.
For example, you can set the SIEM tool up to monitor for common attack patterns or to detect traffic heading to a known malicious
address. Typically, your business would setup a Security Operations Center (SOC) or outsource SOC services. The issue with building your own SOC is that it is extremely pricey. Just buying a SIEM tool alone could cost you upwards of $100,000! After that, you need to hire employees to maintain it and to analyze the alerts.
We recommend implementing something like Elastic SIEM. This is an extremely popular, reliable, and free open source SIEM tool used by a large majority of companies today. By just installing a couple of small pieces of software, all data on your network devices can be pushed out to the SIEM tool up in the cloud for analysis and correlation. The SIEM tool (Elastic SIEM) utilizes machine learning anomaly detection in order to detect attacks or suspicious activity that even our robust list of rules could potentially miss! This is the exact solution that Anthony Timbers LLC uses to monitor our client’s networks for security incidents.
INCIDENT RESPONSE PLANNING
If a security event were to occur on your network, you don’t have a second to waste. The sooner you react, the better. This is why an incident response plan is vital. Anthony Timbers LLC recommends that at a minimum, you need to determine what has happened, how many computers are affected, what to do to stop the incident, and who to contact. This all needs to be documented as, along with roles and responsibilities. All of these steps and more need to be taken into consideration to prevent an attack from compromising an entire network. Anthony Timbers LLC typically provides a solid plan to clients and even provides an Incident Response Reporting template.
CONDUCTING VULNERABILITY ASSESSMENTS
Let’s say you have followed the plan that we have laid out up until now. Are you guaranteed to be secure? Well, an honest answer is no. The reason is that vulnerabilities exist on almost every network and new ones are discovered every day. Since this is true, the only way to keep up is to conduct regular vulnerability scans/assessments.
Vulnerability scans look at all of the computers on the network and find possible vulnerabilities that may exist on them. These vulnerabilities include security misconfigurations, missing patches, and even vulnerable services that may be running. Anthony Timbers LLC recommends conducting internal and external vulnerability assessments with and without credentials. This will give you a full picture of what vulnerabilities exists on your network. We typically provide this service to clients on either a daily or weekly basis. This way, our clients stay secure and are always aware of their security status. Tenable Nessus Professional is a good option for most businesses and the #1 vulnerability scanner on the market.
PENETRATION TESTING YOUR NETWORK IS IMPORTANT
Taking vulnerability assessments one step further would be to conduct penetration tests. The main difference is that penetration tests attempt to exploit discovered vulnerabilities. This is usually a manual process that requires a high level of skill and knowledge to conduct. The goal is to determine whether or not a company’s defenses are resilient to outside or inside attacks.
During a typical penetration test, we attempt to break into networks from the outside using exploits (external penetration testing) and also simulate what could happen if an attacker made it into the network (internal testing). Both kinds of penetration testing are important for any business and can truly point out your weak points. Anthony Timbers LLC recommends that you conduct penetration tests either on a monthly or quarterly basis. It is also a requirement to be compliant with standards like CMMC, ISO 27001 or PCI-DSS. If any of those apply to you, then you may want to look into penetration testing and you may want to contact us. We have a stellar track record with our clients and have the necessary skills to determine where your network is vulnerable.
CYBERSECURITY AWARENESS IS THE MOST IMPORTANT STEP
This couldn’t be a truer statement. Even after following this solid methodology for securing your network, all of it could be for nothing if your employees are not educated on cybersecurity awareness. Majority of attacks in current days occur because of users. They download malicious files, browse to dangerous sites, and unknowingly click on malicious links in emails and on websites. Not everyone is tech savvy, but everyone can be educated to determine what actions are appropriate and which ones are not.
Anthony Timbers LLC recommends putting employees through a mandatory, interactive cybersecurity awareness course either bi-annually or quarterly. Be sure to include extensive training on phishing/social engineering as well, and even conduct phishing/social engineering tests on employees to see who needs more training. Humans are the weakest link when it comes to cybersecurity, so be sure to train your employees!
To sum it all up: please implement a cybersecurity plan. Get your policies in place, install antivirus, secure your network and computers, and test your network on a regular basis. If you don’t invest in cybersecurity, you are leaving yourself at risk to lose not only money, but your respect in the industry and potentially your business (60% of small businesses that suffer from a cyber attack go out of business within 6 months). Since over 50% of attacks target small-medium sized businesses, you don’t want to take that risk. Here are some key takeaways from this blog:
- Start with Cybersecurity policies to lay a foundation
- Incrementally implement various security controls like antivirus, firewalls, host security configurations, security testing, and SIEM tools
- Be sure to require a VPN for remote employees
Whether you want help today or 6 months from now, Anthony Timbers LLC will be ready to help you secure your business better than ever before. We offer IT Security Planning, Vulnerability Assessments, Penetration Testing, HIPAA Consulting, and even Network Security Monitoring for any client. Feel free to reach out to us about any questions that you may have on this whitepaper, about our services, or about cybersecurity in general. Thanks for reading and stay safe!
Contact: Anthony Timbers
Email: [email protected]