SMBs face up to cybersecurity risk in remote work era
When Covid-19 first spread globally, businesses weren’t just fearful of the virus but also of what it meant for their work environments as they shifted to remote working. As we near the end of 2020, says Eyal Yair, AVP of HomeSecure and BusinessSecure at Allot, many have become more accepting of work-from-home (WFH) as a long-term solution but that doesn’t mean their networks are equally prepared.
WFH creates additional network vulnerabilities, which increases the risk of a breach if organisations do not carefully address new cybersecurity needs that stem from this transition.
While this is a concern for every organisation, it’s an even larger problem for small and mid-sized businesses (SMBs) for a couple of reasons. First, the surge in bring-your-own-device (BYOD) for remote work means security decisions of many personal computers, often containing critical data, are left to the employees themselves.
Only 13% of SMBs currently have a BYOD policy, according to Forrester research. Second, small businesses tend to have limited IT departments and in-house cybersecurity resources to adequately protect and monitor their network. Even worse, bad actors are aware of SMBs’ vulnerabilities, which is why nearly half of all cyberattacks target small businesses.
With the average cost of a data breach estimated by IBM at US$3.86 million (€3.17 million) globally, these companies often don’t have the overhead to overcome even one major attack. The key to holistic protection of small businesses is leveraging network-based security provided by their communication service provider (CSP).
Why is network-based security ideal for SMBs?
Cybersecurity is critical for SMBs because it eliminates the most crucial challenges that any resource-strapped company often faces, scale and complete network visibility. Beyond the increase in cyberattacks from opportunistic bad actors trying to take advantage of pandemic uncertainty, the proliferation of the Internet of Things (IoT) furthers the amount of attack vectors.
Network-based security is typically offered by the communication service provider (CSP) because of their unique position to see all incoming and outgoing traffic in increasingly complex network environments on fixed, mobile, and Wi-Fi across any device. Otherwise, SMBs will always have challenges protecting every device on their network at the endpoint.
Network-based security can be implemented through a small firmware agent on the business router and is able to protect all connected devices without any intervention from employees. This is important since the vast majority of common cyberattacks include a mix of phishing, malware, ransomware and data exploitation that often begin with a deception at the user level.
In addition to blocking the attacks before they reach users, it can also act as a great network management tool. Devices can be organised by groups to easily manage all devices across the network in a centralised location, such as a mobile application. This capability also allows SMBs to tailor content deemed acceptable during working hours, access reporting on all protected devices, and leverage artificial intelligence (AI) to self-diagnose network issues.
Remote work will only continue to flourish internationally as organisations reap the benefits of added productivity while improving the flexibility of work-life balance. But it’s imperative that businesses continue to address the changing demands of cybersecurity and establish a unified and controlled understanding of every device linked to their network. Only then can they sustain real growth and innovation working remotely, while mitigating the risk of costly data breaches.
The author is Eyal Yair, AVP of HomeSecure and BusinessSecure at Allot.
About the author
Eyal Yair is AVP of HomeSecure and BusinessSecure at Allot covering IoT devices and the connected home. Before joining Allot, Eyal was the CEO of Netonomy, a developer of software-based cyber security for the connected home (acquired by Allot in 2018). Previously, Eyal served as CEO at other start-up companies and participated in the famous TechStars Boston programme.