Skip to main content

What About The Current state of SMEs Security Policy?

SMEs are increasingly ignoring security warnings and failing to implement adequate security. This is down to that fact that security threats are evolving at such a rapid pace that they outstrip the ability of busy, multi-tasking SME business managers to keep their understanding up to date.

The easiest policy for a manager to follow with regards to security is to put his or her head in the sand and pretend that nothing could ever happen.

The key to successfully servicing this market is for vendors and the channel to make the operation of security solutions as simple as possible, which is where integrated appliances and managed security come in.

The most dangerous security threats and vulnerabilities are increasingly web based. With the use of feature rich web browsers, it is easy for malicious threats to be passively downloaded.

Consideration has to be given to content management and access, web based anti-virus, web based spyware and malware detection and deletion, P2P applications and Instant Messaging vulnerabilities.

To address these new risks in the traditional way, SMEs would be faced with having to purchase many different point solutions and then find, train and retain the resource to administer and manage them.
Management of the products can become very complicated, and unfortunately, the more complicated we make security, the higher the chance of a security breach.

We are fnding that more and more SMEs are choosing to consolidate their security and deploy an all-in-one device consisting of all the trusted point solutions, reducing management time and cost.

Also, I believe outsourcing is a big growth area for SMEs. Managed Security Service Providers (MSSP) either remotely manage the security appliances or host and manage the company’s security.

The only input the SME needs to make is to define its security policy. The MSSP is then responsible for enforcing that policy for a monthly fee.

Fundamentally, SMEs need to try and strike the balance between, security, business and budget and these two security models match those goals very well.