![\"\"](\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2018\/11\/360-hours-icon-box.png\"){kind=icon}
<\/figure><\/div>\n\n\n\nSMBs are Primary Targets for Cyber Attacks<\/h2>\n\n\n\n
According to the 2018 Cyber Claims Study by NetDiligence<\/a> , 85% of the cyber insurance claims made from 2013 to 2017 came from smaller business, and 80% were the result of criminal involvement. The top four sectors affected by cyber incidents were as follows:<\/p>\n\n\n\n TABLE<\/p>\n\n\n\n Just as there isn\u2019t a silver bullet for growing a business, there isn\u2019t a single turnkey, no-cost solution to security for SMBs. However, the good news is there are prudent steps available that SMBs can take quickly, easily, and cost-effectively to dramatically reduce the risk of an IT security event, and even to work towards compliance for those that are subject to statutes such as PCI, GDPR, HIPAA, and others.<\/p>\n\n\n\n Of course every organization is unique and faces different challenges, but SMBs should consider leveraging core best practices to address IT security. So, where does it start? By creating layers of defense\u2014from protecting the network on the outside all the way into the core, made up of end user identities. It\u2019s no secret that compromised user identities are the number one method<\/a> for hackers to breach an organization.<\/p>\n\n\n\n Below you\u2019ll find six core activities that SMBs can execute to dramatically step-up their IT security.<\/p>\n\n\n\n Most SMBs are leveraging WiFi networks to connect to the Internet, but the truth is that shared access to WiFi networks is an open invitation to be hacked. There are two steps to increased security here for your network: a) enforce unique access to the WiFi network through RADIUS integration, and b) segment the network to keep the most critical resources secure. Your IT admin or MSP will be able to walk you through how to do this without too much hassle or cost.<\/p>\n\n\n\n Lock down all of your PCs and servers by ensuring that only the right people have access to each system, the systems are constantly patched, you have anti-virus\/anti-malware software, and that you have strong policies in place (e.g. the computer screen locks after 2 minutes). Bonus points for those that are willing to enable multi-factor authentication (also called MFA or 2FA) to login to the PC or server. The right tools here can do virtually all of this without significant cost.<\/p>\n\n\n\n MSPs have an obligation to protect their clients, and all MSPs take this responsibility incredibly seriously. A hacked client can be catastrophic for an MSP\u2019s reputation, so implementing strong controls is critical. Identities are the number one attack vector<\/a> within any organization, and MSPs know this firsthand. By leveraging a modern approach to identity management, MSPs can build a strong foundation of security within each client\u2019s organization.<\/p>\n\n\n\n Compromised data is at the heart of the most expensive breaches. If you have credit card data, user or customer data, or health care data, you are at risk. The number one step to take in this category is to enable data at rest encryption wherever possible and especially on your laptops and desktops that can access that confidential data. The software to do this (BitLocker on Windows and FileVault on macOS) is free, but is complicated to manage. A simple tool to manage FDE (full disk encryption), as it is called, will simplify the task and help ensure you won\u2019t lose any data.<\/p>\n\n\n\n At the center of what you are trying to protect is a user\u2019s identity. If an identity is compromised, it can bypass virtually all of the safeguards you have just put in place. The two most important steps to take in this key section is to a) tightly control access to everything possible with long passwords and b) implement MFA to require a second factor to validate a user is who they say they are. Both of these are possible and inexpensive with a solution called a directory service.<\/p>\n\n\n\n Educating your employees with in-depth security training has been shown to be a powerful method to increase security at organizations of all sizes. Users have a tendency to act on curiosity and convenience without considering the underlying risks and negative consequences at hand. By teaching employees how to identify phishing emails and practice secure browsing and password management habits, you can significantly minimize the risk of experiencing a data breach.<\/p>\n\n\n\n Implementing security for SMBs doesn\u2019t need to be hard or expensive, but it does take some time, commitment, and resources. In order to follow through, SMB owners should consider asking their internal IT person or an external MSP to help support their efforts. With a little focus on these high impact items, an organization can quickly become significantly more secure.<\/p>\n\n\n\n If you\u2019re interested in learning more about modern security risks and implementing best practices that can be used to build up your organization\u2019s defenses, watch the webinar below detailing how to train your employees to be security conscious, or check out this in-depth report on identity security.<\/a>If you\u2019d like to talk with a JumpCloud support specialist, please feel free to drop us a note.<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" SMB owners are struggling with how to address IT security, but by implementing these 6 best practices, they can dramatically step-up their defenses.<\/p>\n","protected":false},"author":71,"featured_media":27020,"template":"","categories":[2337],"collection":[2775],"wheel_hubs":[],"platform":[],"resource_type":[2310],"funnel_stage":[],"coauthors":[],"acf":[],"yoast_head":"\nBest Security Practices for SMBs by Core IT Area<\/strong><\/h2>\n\n\n\n
1. Network \u2013 Enforce Unique Access & Segment Resources<\/h3>\n\n\n\n
![\"Using](\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2018\/07\/connected-dots.png\")
<\/figure><\/div>\n\n\n\n2. Systems \u2013 Lockdown Computers and Servers<\/h3>\n\n\n\n
![\"domain](\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2017\/12\/Server-2-1.png\")
<\/figure><\/div>\n\n\n\n3. Applications \u2013 Enable MFA<\/h3>\n\n\n\n
![\"\"](\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2018\/10\/computer-purple-lock-and-phone.png\")
<\/figure><\/div>\n\n\n\n4. Data \u2013 Implement Full Disk Encryption (FDE)<\/h3>\n\n\n\n
![\"\"](\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2017\/12\/Hard-Drive-1.png\")
<\/figure><\/div>\n\n\n\n5. Identities \u2013 Enforce Password Complexity & MFA<\/h3>\n\n\n\n
![\"What](\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2019\/01\/men-in-black-with-purple-and-teal-ties.png\")
<\/figure><\/div>\n\n\n\n6. Employees \u2013 Conduct Regular Security Awareness Training<\/h3>\n\n\n\n
![\"\"](\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2018\/12\/orange-and-blue-security-training.png\")
<\/figure><\/div>\n\n\n\nLearn More About Security for SMBs<\/strong><\/h2>\n\n\n\n