In addition to recognizing why SMBs are considered easy targets to cyber criminals, and what primary vulnerabilities are, protecting your client’s data, devices, and people is vital. Once an MSP identifies all the physical and virtual computing devices in your client’s organization, the next step is to secure all the data, as well as the devices, and to put measures in place to protect the SMB’s people.

Safeguarding Data

Data growth can have a massive impact on enterprises; SMBs are managing an increasing amount of data, additionally. Whether SMBs use the cloud to store this data, or on other devices, it is vital that you, as an MSP, can secure and recover this data in the circumstance that a cyber attach occurs.

  • Content filtering— By preventing accessibility to malicious websites and other online distractions, your client’s employees will also be protected during business hours.
  • Email encryption—Utilizing end-to-end encryption, your client’s email content may only be read by the sender and the receiver.
  • Data loss prevention— A program for data loss prevention disables end users from sharing sensitive information outside of the company network, by regulating what information can be transferred
  • Backup and disaster recovery— A strong backup and disaster recovery plan must be in place to restore operations rapidly and easily, just at the push of a button

Securing Devices

The number of devices SMBs use is growing, which is resulting in more gateways for cybercriminals to carry out attacks. Along with continuous monitoring, the following security services will ensure that their devices are protected.

  • Antivirus—One of the most important ways to defend devices within your client’s business is by installing and monitoring antivirus software on all devices, from PCs to mobile phones.
  • Patch management—All software applications and operating systems come with risks and vulnerabilities. These vulnerabilities can be resolved by installing patches provided by the suppliers and by keeping software up to date at all times.
  • Regular vulnerability scans—A simple vulnerability scan should include the status of antivirus software, password management policies, and software updates.
  • Web server hardening—Proper hardening ensures default configurations are changed and that certain services and displays are disabled.

Protecting People

Unfortunately and admittedly, protecting people is the hardest aspect when it comes to cyber security. 37% of security breaches are accounted for with human error. Creating a solid foundation for cyber security is vital, so that everyone understand their importance in the overall protect of company data. This includes:

  • Secure authentication- User identification within each organizational security policy and cyber criminals steal 1 billion passwords every year! Installing a password manager, that will create random, strong passwords for each user will help protect employees.
  • Secure remote working— In order to confirm that employees have access to a secure connection for company data and applications when working remotely, and/or using public Wi-Fi, it is essential that SMBs provide a VPN connection to the company’s network, encrypting all online data.
  • Defining enforceable processes and policies— In order to ensure your client is aware of cyber security guidelines, discuss their business operations, and which security policies are in place. Document all answers, and allow employees to access them, to emphasize the importance each employee plays to the overall security of the company.
  • Providing security awareness and training— Educating your client’s employees is significant, so that they know how to protect themselves from an unexpected cyber attack
  • for example by creating strong passwords and recognizing phishing emails. Routine cyber security training is highly recommended, to protect the company at risk.

Now is the time to offer these services as an extension of your existing portfolios. By identifying and efficiently delivering the right combination of security services for small and medium business budgets, you can differentiate your business, add new value and revenue, and most importantly, build lasting partnerships with your clients.

View Avast’s blog

Download our whitepaper on the 3 Essential Components of a Managed Security Service for SMBs to learn more about  these solutions.