Most organizations make Cybersecurity Solutions for Small Businesses overly complicated because “you should do it either way.” This is not a valid argument. Business owners have tons of “have to” being thrown at them every day. It’s extremely difficult to cut through the fluff and identify what is critical and what is just nice to have.
We take the approach of educating the community on cybersecurity solutions for small businesses to help them make informed decisions for their business.
This breaks down exactly what kind of threats a business faces and which of the many cybersecurity layers address each one.
So, once you know which layers are recommended and WHY, it’s important to realize the three primary factors an IT company should be evaluating when choosing the right fit for each of these layers. This information is important to review so you can identify why prices may be higher/lower, why your employees are impacted or not impacted, and whether these layers are actually effective or not.
We will be examining three key aspects of Cybersecurity Solutions for Small Businesses: their effectiveness, impact on the user, and cost considerations.
Effectiveness
This is without a doubt the most important aspect to consider. Is the layer effective at doing what it says it’s going to do? For instance, is the spam filtering service catching spam? If so, at what rate?
Here is a good example of this: Microsoft 365 has built-in spam filtering, so why would a business invest in additional spam filtering?
The answer is effectiveness.
The built-in spam filtering does stop some spam, but not at a rate that your IT provider is comfortable with. That is why they recommend an additional layer of protection. It’s not to sell another service, it’s because it is their job to protect your business.
We go through a standard checklist and review process for every recommended layer to ensure the layers are effective in the current environment. I say the current environment because cybersecurity changes very quickly. So, we must continuously repeat this process to ensure our recommendations are the latest and greatest!
User Productivity
This one does not get talked about enough but is oftentimes the main pain an organization feels. What is the point in being hyper-secure if it causes many roadblocks that slow your users down and ultimately cost more money than not having the layers in place at all?
A good IT provider must evaluate the user impact. However, this is often not the case. Again, they may default to “but this is the only way to be completely safe!” but that’s just not the case. Our clients are not impacted by constant roadblocks but are just as secure as businesses that may have a less thoughtful MSP.
In some cases, there is no getting around this thought.
For instance, multi-factor authentication is a layer that requires a second form of authentication or “login” to gain access to an account. This can be cumbersome for the end user, but it truly is an important layer.
So, we identify how to make this easier. A couple of quick ways we can make this easier for our clients:
Authenticator app – this will send a quick push notification to your mobile phone. All you must do is click “Yes” rather than remembering and typing in a code
Safe devices – We set devices you log in from often as safety devices. This will limit how often you are asked for a second form of authentication.
User impact is huge and if you are feeling the pain of an IT provider that has not considered this, please reach out today so we can get you working securely AND fast.
Price
Another topic that many IT providers will shy away from is price. We serve small and medium-sized business spaces. Ensuring that our clients can afford our recommendations is critical, because affordable and implemented is better than expensive and avoided.
When evaluating the best cybersecurity solutions package for our clients, we must ensure the price is one of the factors to ensure we can roll it out to all our clients to protect them. It’s not reasonable to assume our clients can pay for the same service as a publicly traded company for instance.
However, that does not mean they are less secure! Oftentimes big price tags are associated with additional reporting, the ability to customize at great lengths, and a number of users. Since we can purchase with economies of scale, we can provide enterprise-level security at a reduced rate.
Conclusion
Thank you for taking the time to read this. You obviously take cybersecurity solutions for small businesses very seriously if you are willing to get educated on how it can protect your business. If you’re interested in learning more, be sure to reach out to our team.
We would be happy to provide a free evaluation of cybersecurity at your business and review these 3 important factors to ensure you are in the best possible situation.
We’ve all been there: one minute everything at work is running just fine, and the next minute you can’t get websites to load, or your file upload or download speeds slow to a crawl.
When this happens at home after work, it’s an inconvenience — and most of the time rebooting your router, modem, or gateway solves the problem. But at work? Internet speed issues or network bottlenecks can seriously interfere with your employee’s productivity and profitability of the company.
Today we’re going to share 7 common causes for network bottlenecks — and we’ll do our best to use plain, nontechnical language as we go. But first, let’s start by explaining what’s going on when network speeds plummet.
A network bottleneck is any situation where the flow of data gets constricted, limited, or slowed. It’s a blanket term, in a way, covering all the various reasons why you’re not getting what you need out of your internet connection.
Think about your home internet for a minute. Sometimes when you have issues, you call or chat with your service provider, and they tell you that the problem is at its end and they’re working on it. That’s a network bottleneck: something somewhere at your ISP is limiting data flow (imagine data as water running through pipes, and that water just hit a partial blockage).
Sometimes the problem is at your house: if you’re on the budget plan but 3 TVs and 5 mobile devices are all trying to stream Netflix, you’re going to use up your bandwidth (the incoming water pipe is at full blast, and you’re still not getting enough water). Or you might have a rogue device gobbling up most of your bandwidth for no good reason, giving you the same result.
All of these concepts are network bottlenecks. But if you want to fix or avoid the symptom, you have to know the cause first. So, with that in mind, let’s look at 7 common network bottleneck scenarios in the work environment.
1. Firewall Size
A firewall blocks traffic coming in and out of your network, giving your IT department control over what’s allowed in and out. They can get awfully technical from there, but this definition will work for our purposes.
Firewalls come in different (metaphorical) sizes, which can be measured in total number of users or total amount of throughput. Kind of like our Netflix-at-home example, if you try to push more data through your firewall than it can handle, you’ll hit a network bottleneck.
Maybe you have plenty of bandwidth (speed) from your internet service provider — it doesn’t matter if your firewall can’t match that speed.
2. Problems with Network Switches
If your building and your IT infrastructure are more than a few years old, you might need to check on several things. The network switches installed throughout might be older 10/100 switches, which max out at 100mbps. Your actual network connection might be way, way faster—but it gets bottlenecked at these switches.
As infrastructure ages, the ports on your switches (including the ethernet ports your computers plug into in the wall) can go bad, degrading performance.
3. Insufficient or Outdated Modem
The modem you’re using (at home or in the office) could be another chokepoint: it doesn’t matter how lightning-fast a connection you’re paying for, you won’t see anything move faster than what your modem is rated for.
The good news is that this is a relatively easy fix. It’s not difficult to find out what bandwidth your modem can handle (or what bandwidth you’re paying for). If the first is lower than the second, it’s time to upgrade.
4. Bad or Insufficient Cabling
Along the same lines, your network cabling — the wires running inside wall conduits at your office or connecting your modem and router at home — is also rated for a specific max speed. Older buildings may be equipped with outdated Cat5 cabling (or slightly newer Cat5e). If your internet speeds are gigabit or higher, you really want to look into cat6 or even cat6a cabling.
These all look virtually identical, so you may need technical assistance in identifying what you’re currently using.
5. Low-Speed VoIP Phone Pass-through Ports
Sorry if we’re sounding like a broken record, but the network ports on your VoIP phones can also be the source of a network bottleneck.
If your office has switched to VoIP phones (and it probably has), you likely have a physical handset at your desk that sits between your network cable and your computer. The network connection “passes through” the VoIP phone.
Ordinarily, there are no issues. However, some of those ultra-cheap VoIP phones are actually quite a problem. You might need to investigate the speed that those pass-through ports are rated for: if it’s lower than your connection speed, you’ve likely identified your network bottleneck.
6. LAN Overload
This one isn’t relevant at home or in a small office, but if you’re at a larger office, be aware that it’s possible to overload your local area network (LAN) with too many physical devices. Once you reach a certain number of IP devices, you’ll get better results by segmenting them out to separate LANs.
To use the water pipe analogy, not every house in a city can possibly connect to a single massive trunk line. A street or a neighborhood might all be connected on a line that then connects to a main line, and so on. Segmenting groups of houses or businesses adds resiliency and balances the system.
In a large office, think of all those connected devices as houses, businesses, and neighborhoods.
7. Old Access Points
Far and away the most likely network bottleneck is Wi-Fi. It is inherently not as fast, consistent, or stable as wired internet. Even worse, old Wi-Fi access points were never built to handle modern internet speeds, so they cap users far below their actual bandwidth.
Older devices can even slow down networks when they connect to Wi-Fi. A smart Wi-Fi system like Unifi helps to mitigate this problem.
We Are Here to Help
We hope this guide has helped you to isolate the cause of your network bottlenecks. Still, even once you’ve found the problem, many of these are more technical to fix than you might be comfortable trying on your own— especially if they need to be fixed at the scale of an entire office.
If you could use help identifying the problem or implementing the solution, we’re experts that you can trust. Reach out to our team today to schedule a consultation!
We hope that your enterprise is already contemplating the implementation of password managers. However, the challenge remains in pinpointing the appropriate password manager that suits personal use, enhances business security, or perhaps satisfies both requirements.
We’ll provide our honest feedback on four leading solutions below, but first we need to talk about why “ecosystem exclusives” may not be sufficient, especially on the business level.
If you’re an Apple user or a heavy Google Chrome user, you might have already stumbled across what we call ecosystem-exclusive password managers. Both Chrome and Safari (Apple’s web browser on mobile and desktop) can notify you if one of your passwords has been exposed in a data breach (remember our earlier point about not reusing passwords? This is why!).
These browsers may prompt you to change your password, or even offer to generate a unique, complex, hard-to-guess password for you.
These work quite well in the right circumstances — but there are some significant limits you should know about. These new passwords get stored either in your Chrome/Google profile or in your Apple Keychain, and they can auto-fill for you later, if you’re on a device with access to your Apple Keychain (for Safari/Apple) or a device and app that can access your Google account (for Chrome).
The problem with this? Most of us don’t live exclusively in Chrome or Apple products.
If your work PC needs that very complicated password your iPhone generated for you, even finding it will be a challenge, and manually retyping it correctly is downright obnoxious.
And as far as Chrome, its password manager is no help when logging into anything that isn’t running in a Chrome tab.
For more robust, ecosystem-agnostic solutions, any of the following choices should perform well for most businesses.
LastPass
One of the biggest names in password managers, LastPass grew in popularity as a freemium consumer product, but its business offerings are impressive. Its business product gives each user their own password vault and gives your organization robust admin oversight, including over 100 policy customization options.
Users can safely share their credentials with others, such as providing a vendor temporary access to an app or location.
LastPass also supports multiple modern authentication technologies, including passwordless (with the LastPass Authenticator), multifactor authentication (MFA), and single sign on (SSO).
One downside: business pricing is opaque and quote-based — but we can help you with this!
DashLane
Dashlane offers password management for home, mobile, and business that’s CCPA compliant, GDPR compliant, and AICPA SOC 2 compliant. It’s a bit more streamlined than some others, yet it still provides plenty of power, security, and control.
DashLane’s Team plan starts at $5 per user per month and provides simple, secure password management, group sharing, policy management, and an admin dashboard. The Team plan also integrates with Active Directory and supports two-factor authentication (2FA)
Businesses that need access to SSO or SCIM provisioning should choose the Business plan, which starts at $8 per user per month. Notably, the Business plan offers every paid user a free family plan — an attractive perk to offer your team.
Keeper
Designed with the needs of small to mid-sized businesses in mind, Keeper is simple and straightforward to implement. It uses a zero-trust and zero-knowledge security architecture, which is the most secure method available. It’s also extremely affordable at $3.75 per user per month. And even at that low price, Keeper Business matches DashLane’s offer of a free Family Plan for every paid user.
The Keeper Business plan isn’t as robust as LastPass or DashLane and does omit certain technologies, including SSO, advanced provisioning, and compliance reporting. If you need those and like the Keeper model, the company does offer an enterprise plan with those features.
1Password
1Password offers a powerful business-oriented product that promises to “secure employees at scale.” That tagline alone tells you that 1Password is angling for the enterprise crowd. Integrations with Azure Active Directory, Google Workspace, Okta, OneLogin, and Slack suggest the same — though no matter your business size, you may benefit from a few of those integrations.
1Password rolls together most of the offerings of other password managers: secure password storage, encrypted password sharing, free family accounts, and ability to access passwords virtually anywhere on any device.
Unique features here are the ability to access from the command line (nerds rejoice!) and the ability to store more than just passwords: secure notes, SSH keys, and sensitive documents can all reside within users’ 1Password vaults.
Pricing starts at $7.99 per user per month, but every contract is a custom quote. Translation: your real costs will likely be higher.
At publishing time, 1Password’s SSO support was only in beta, which is a bit surprising for a company targeting large businesses. They’re likely to catch up soon, but if SSO is essential for you, they might not be the strongest choice at this time.
Password managers are worth the investment. If you need more guidance on finding the right fit, don’t hesitate to reach out!
When was the last time you looked at the internet connectivity options for your business or fully understand the different types of internet connections?
If it’s been a little while, now is a great time to take another look.
Fiber internet offers a host of business benefits like greater speed, higher reliability, and lower costs. It’s been around for a few years, but the rollout has been slow. It might not have been available at your physical address the last time you looked.
If you’re still operating on a cable internet connection (or if you aren’t quite sure what kind of business internet connection you’re running), it’s worth taking a look.
Here’s why cable isn’t stable — at least when compared to newer, better fiber optic internet connections for business.
It’s important to understand that there’s no one thing meant by the term “business internet.” That term is little more than a marketing device that differentiates between residential and (higher-priced) business accounts — even when a company is offering the same essential quality of service for both!
Not every business internet connection is equally effective. So, it’s important to look a little deeper than the business label and understand the type of connection an internet service provider (ISP) is selling.
Understanding the Types of Internet Connections
Before we go into detail about fiber internet, we need to define some terms. There are a wide range of service types available depending on the ISPs that serve your location (along with the size and budget of your organization). The relevant ones can be organized by the types of internet connections.
Copper and Coaxial Wire Connections
The first generation of high-speed business internet came over copper wire. This is the same exact copper wire that phone signals have transmitted across for decades. DSL and T1 connections fall within the copper wire category.
Coaxial wire connections are nearly as old, transmitting over the same coaxial connection that cable TV signals have transmitted across since the 1980s.
T1 connections are higher cost, higher speed, and higher reliability. Of the three main copper connections, this one is the best choice — but the costs may be prohibitive, and not every ISP will run T1 service to every location.
DSL and cable internet are both extremely common in residential settings, and the business versions aren’t all that different. They may promise higher maximum speeds, but they face a slew of drawbacks that we’ll cover later.
Wireless Connections
Not to be confused with your in-office Wi-Fi connection, wireless connections refer to a few methods for getting internet to your office building sans wires. Satellite, private cellular networks, and wide-area LAN are a few examples.
These connections essentially serve customers who can’t get wired internet, usually because they operate in a rural location. They’re better than nothing, but you don’t want to choose them if you have another option.
Fiber Connections
The next generation of wired internet access is delivered over fiber optic cables (fiber for short). This light-based transmission protocol offers much higher speeds, greater reliability, and lower long-term costs than legacy formats.
The downside of fiber — at least for now — is that it doesn’t piggyback off a legacy wire, so it requires more granular infrastructure rollout than cable or DSL. But once that infrastructure reaches you, you’ll want to make the switch.
Make sure you understand the types of internet connections while also making sure it will match your business goals: 9 times out of 10 coaxial cables isn’t enough. Reach out to schedule a FREE fiber consultation and plan the next steps for your internet.
Business Cybersecurity is serious; an ever-present threat that executives are right to worry about.
But understanding the top cybersecurity threats — and the steps your business should take to be more secure — is complex and technical (and let’s be honest, not very interesting for most people).
Unfortunately, many of the resources out there that deal with cybersecurity do so from a specialist’s point of view. They’re packed full of jargon and insider lingo that just doesn’t work for executives who aren’t tech specialists.
We want to fix that, so we’ve assembled this Executive’s Guide to the top cybersecurity threats and their solutions.
Below, we’ll show you the top cybersecurity threats that every executive should be aware of, and we’ll do it in straightforward language. Then we’ll cover high-level mitigation strategies and best practices that your company can implement to stay safe from ongoing and future cyber threats.
These top cybersecurity threats can get complicated in a hurry, but most forms of attack are easier to avoid once you know what to look for. Here are the top cybersecurity threats executives like you should be aware of.
Phishing Attacks (including Spear-Phishing, Whaling, and More)
Far and away the most important top cybersecurity threats to understand, phishing attacks (and several variants) are fairly low-tech cybersecurity threats — but they’re also extremely effective. They’re quite dangerous for you and your business, so let’s spend a little time here.
The classic phishing attack occurs via email. An unsuspecting employee gets an urgent-sounding email from somewhere important (say, Apple or Microsoft 365 or some other service they’re likely to use at work). The email contains news of some kind of problem with their account, usually with dire consequences if the user doesn’t act immediately.
Of course, the email wasn’t really from Apple or Microsoft or anyone else legit. It’s from an impostor.
If the user clicks the link in the email, they land on a website that prompts them to log in. But the website, too, is an impostor. When users attempt to log in to the fake website, boom: the bad guys now have working credentials and can log into whatever service they were impersonating.
Phishing is common via email, but it can happen across any communication channel: SMS, voicemail, and even live chat or messaging (though it’s very rare for a threat actor to break into internal message systems like Slack or Teams).
Spear-phishing is much harder to pull off but even more effective. That’s when a criminal already has limited access to your systems (or at least basic information about your company structure). They send an email targeted to John in accounting, and they make it look like it’s from a high-ranking executive asking for a favor. People tend to want to please their superiors, and you might be surprised at the kinds of crazy things people fall for in this scheme.
Whaling is the inverse: it’s phishing targeted at the executives, managers, and C-suite personnel — the people with the most access to the most sensitive information (and the highest discretionary spending capabilities).
The Top Insider Threats
Sometimes your greatest threats are on your payroll.
The obvious one here is the corporate spy or something similar, someone who weasels their way onto your payroll with the malicious intent of stealing data or secrets and sending them to the competition.
But insider threats can also look like negligence or incompetence. An employee leaving their workstation unlocked, loaning out their access badge, or letting in that “repairman” are all real dangers that threat actors could exploit in the right circumstances.
Malware
Malware refers to any kind of malicious software (mal + ware) that makes its way onto computers, servers, or other hardware. Different malware can do any number of things, from scanning databases and skimming data to logging keystrokes and sending that data to cybercriminals (logins, credit card numbers, sensitive customer data, and more could be involved).
Malware must be installed to take effect, but this sometimes happens without the victim knowing. They thought they were opening a legitimate attachment or clicking a legitimate link, and whatever happened next either didn’t make sense or happened in the background.
Ransomware
A particularly vicious form of malware, ransomware takes over a system or part of a system, locking companies or individuals out completely. The user receives a prompt that they can regain access — for a fee. (That’s the “ransom” part.)
Ransomware attacks are more complex to pull off than simple malware attacks, which just install themselves and then run without help until they’re discovered. Often an attacker will spend weeks snooping around a victim’s system undetected, carefully designing the attack after understanding which files and applications are most vital.
Even worse, there’s no guarantee the bad guys will play by the rules. Even if you pay, they may not return your data — or they may return it, but also sell it to the highest bidder.
Vulnerable Out-of-Date Systems (Hardware and Software)
Another huge threat can actually be the open-door cybercriminals use to access your systems and steal your data: this is when your hardware or software systems are vulnerable because they haven’t been kept up to date.
(This one’s going to get just a little nerdy — sorry about that. Stick with us, though — it’s well worth learning.)
Software, operating systems, and firmware are all complex: to the end user, things just work (well, most of the time). But there are a ton of very complicated processes happening behind the scenes to make that happen.
Security researchers and the companies that provide software/OS/firmware regularly discover vulnerabilities in these products: clever or novel ways that people can exploit the software to do something it shouldn’t do or give them access to something they shouldn’t have access to.
Whenever these problems — called exploits — are discovered, the company that made the software develops a fix and releases that fix to users. These are often called patches or security updates. On the OS level (macOS, Windows, iOS, and so forth), most security updates are rolled into operating system updates. (This is why your iPhone updates to iOS 15.6.1: Apple didn’t add any new functionality with the 0.0.1 parts; they just fixed a vulnerability.)
Usually, these fixes arrive quickly, before most bad guys have a chance to act on the new exploit (or even figure out that it exists).
But there’s one very, very big problem here: As soon as updates or patches are released, anyone and everyone with the right tech skills now knows about the vulnerability. And that means that any system that hasn’t yet been updated is ripe for exploitation.
OK, so what does all of this have to do with you and your company? Simply put, most businesses have all sorts of outdated systems that haven’t been kept up to date with the latest security patches. You might even be relying on hardware or software that’s no longer supported at all (the manufacturer is out of business or expects users to have upgraded by now).
The vulnerabilities are well-known, and it’s only a matter of time before someone takes advantage.
Solutions for Top Cybersecurity Threats
So now you know about five vital categories of cybersecurity threats, but knowing about them isn’t enough. You also need to know how to avoid them!
Strategies can get nuanced and complex, but there are simple steps that every business, team, and executive can take right away. Here are quick tips for each category.
Phishing
The big thing here is education. Usually, these messages have some tells: the urgency is odd and seems out of step with how the (legitimate) business tends to communicate. These messages push you to take unusual action and threaten grave consequences if you don’t (again, in a way that Microsoft or Apple would never do). Maybe the graphics aren’t quite right or there are obvious typos.
Training your people (cybersecurity awareness or phishing awareness training) is the best defense here. We can help with that!
Malware and Ransomware
Education is a big component here as well: just don’t open that attachment or click that suspicious link. Moving away from email as a main way to move files around helps, too. Cloud storage is far less likely to let this stuff through than email spam filters (though you should definitely have a good one of the latter, too.)
A broader review of your network security can also help. Successful ransomware attacks tend to require vulnerabilities that go beyond someone opening a malicious attachment.
Insider Threats
Comprehensive access control policies go a long way here: entry-level employees should never have access to highly sensitive documents. Without access, he can’t steal them or even expose them through incompetence.
Strong password management and insistence on multifactor authentication reduce the threat of in-person cybercrime, too: stealing a password of a sticky note sounds cliché, but it happens. Better policies and MFA make that virtually impossible.
Vulnerabilities
Lastly, keep those systems updated. It’s a chore, but it’s vital to your security.
Thankfully there are tools and systems that can help.
You might’ve heard the term “endpoint protection” and wondered what exactly that’s all about. Essentially, endpoint protection gives your IT group (or your managed IT services partner) the ability to control parts of each user’s computer: what’s installed, what users can and can’t install themselves, and when/whether system and software updates are installed.
If you’re interested in exploring endpoint protection for the first time, we can help you roll it out in a way that keeps everyone protected without disrupting their work.
We Know Small Business Cybersecurity
These tips are a good place to start in avoiding small business cybersecurity threats. Below we have the services that we can provide to be even more thorough in protecting your valuable information, along with the threats that each service can prevent or resolve. (Network Intrusion and Data Loss/Extortion are more like consequences that are borne of the other threats we discussed, but we still show which services resolve those problems.)
Ultimately the best strategy for small business cybersecurity is a robust, holistic one that addresses all these threats and more. It considers the needs and risks unique to your business and formulates a plan that provides both flexibility and protection.
For many companies, creating this kind of cybersecurity plan in-house just isn’t feasible. If you could use help developing and implementing a small business cybersecurity strategy, we’re here to help. Reach out to our expert team today to get started.
Check out our additional resources on Small Business Cybersecurity
