Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: IT Security in the SMB - Call for input - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
IT Security in the SMB - Call for input

One of the catch phrases when discussing IT Security is the principle that there is no "silver bullet". In order words, there is no one thing or solution that will solve all of your IT security problems. With that in mind, I would like to turn the focus on the small to medium business (SMB). Over the past few years, I have observed a lot of development being done for the SMB markets that work to integrate as many different layers of IT security into one product as possible.

At the same time, IT security has become integrated into a business must do rather than a business should do thanks for IT security regulations and a change in thinking for business leaders that have learned over time that IT security can be a business decision driven by ROI.

Given these two primary factors I have observed impacting this market, my concern is that while SMB business leaders are now more aware of IT security as a necessity, how many of them are falling into the old trap of relying on a single purchase to satisfy all of their needs? Even though multiple function devices are improving, there is still no silver bullet. Or has the industry made progress in educating these business leaders that security is a journey, not a destination.

I am requesting feedback from anyone who works with these types of business and can provide their thoughts from the field.
I will be looking at all of the feedback I get and posting a follow-up article on a future shift.


22 Posts
Feb 2nd 2008
I work for a company that has went from small to medium to almost large in just over 6 years.

When I started their idea of security was a router, and the first device I setup was a ipchains firewall.

As we have grown, I have been able to, little by little add more secure products/hardware. But at the same time have had to give up areas of past control to deal with the growth. I was not security minded as these things were deligated out and now my biggest problems are now the people who are incharge of things like AD, or the ERP system.

And our latest IT director wants one vender to beat up on, but 3 quotes every time we do something.

As of late I have transisioned my job in to security (Both physical and Network) and have started sending both the CIO IT Director and the AD administrator stories I find on the web from around the world. This seems to have garnered their attentions and we are starting to review security and DR. It has taken a long time but I think once you can show that real threats exiest, which we all know they do, they people in charge will make the right choices.

But for those of you out there who have managers who read the industry mag, and that is how they make there selections, all you can do is prepare for the worst case, and once you clean up the mess that will get made, say to the management, "I TOLD YOU SO!, Now are you going to listen?"

Good luck to all

1 Posts
It is difficult to fight for any IT funding in the SMB market let alone IT security. Business owners are staring at spiraling employee HR / Benefits costs and unfortunately IT Security is near the bottom or not on their list of priorities. The TJX mess helped educate (or scare) some organizations to loosen up the purse strings this past year. Many many organizations do not have a full time IT person and typically utilize an employee who takes all Pcmag reviews as gospel and just use simple consumer security devices to their Cable or DSL services. Appliances like Sonicwall & Astaros do make sense from a cost standpoint in this market but then you are fighting to spend $2k for something that the owner views as non revenue generating. Regarding AV, Symantec who used to rule this arena but has pretty much priced themselves out of this market so many organizations are turning to Grisoft and the like. Above all Spyware remains the biggest problem in the SMB networks due to the lack of user education and poor client protection. One thing we did was to print out the December Holiday toolkit post from ISC & send it to everyone we've ever had contact with over the years in an effort to educate the owners. Overall as prices have dropped and the device management interfaces have matured it is better than in years past but there remains a steep uphill climb.
$.02 deposited.

3 Posts

Sign Up for Free or Log In to start participating in the conversation!