Data Breaches: An Equal Opportunity Threat

How resellers can help small and midsized businesses deploy XaaS to beat the odds

Equifax. Target. Yahoo. You might recognize these companies as ones that have made headlines for a less-than-glamorous reason—a data breach. But don’t let the headlines mislead you. If you believe that IT security and data vulnerability is a problem seated squarely in the large enterprise space, you’d be wrong.

The truth is, the majority of cyberattacks occur at small- to mid-sized businesses (SMBs). Verizon’s 2018 Data Breach Investigation Report highlights that 58 percent of malware victims are categorized as small businesses. According to a recent Barkly survey, 57 percent of SMBs reported an increase in the volume and complexity of cyberattacks.

For SMBs, CISOs aren’t in the budget, but the need for reliable, secure tech is paramount to their business models. What this means is, more often than not, SMBs are relying on solution providers to ensure their IT security is safeguarded.

In the coming year, SMBs will be looking for ways to streamline security operations. Many business managers are overwhelmed by options for securing their data. Currently, they piece together different tools and services that do not necessarily provide a complete IT solution. Resellers have to be keenly aware of what is out there and bring SMBs a unified and holistic strategy. As threats rise, companies of all sizes know big IT investments are increasingly necessary. But especially for SMBs, resellers must provide the expertise to do it right, making the most of that investment.

What’s at Risk?

Customer data is critical to SMB livelihoods: IDG reports that half of SMBs say access to customers’ personal information is fundamental to their day-to-day operations, while 60 percent say they require specific customer data in order to deliver more personalized services and grow their business. Yet the data stored by SMBs is sensitive: TechRadar finds that 94 percent store financial information.

However, most SMBs are not equipped to adequately protect themselves. Untangle’s 2018 SMB IT Security Report reveals that a mere 27 percent have a dedicated IT security professional on staff. Meanwhile, attacks on SMBs are projected to escalate, with phishing, malware and ransomware attacks in particular on the rise.

This threat can be even more sobering because smaller companies often lack the resources to recover from downtime and lost revenue associated with a breach and its resulting reputational damage. This is a fact that hackers actively seek to exploit.

Leveling the Security Playing-Field

Technology enables medium-sized companies, small businesses and even at-home startups to compete with the largest of enterprises. Goliaths have spent billions of dollars to protect themselves. In recent years, banking giant JPMorgan Chase increased its annual budget for cybersecurity from $250 million to $500 million and growing, according to Forbes. And in 2017, Bank of America said it would spend $600 million on information security, according to Reuters. Those figures are rising with each passing year and they’re well beyond the budgets for smaller companies. Reseller-guided implementation of Everything-as-a-Service (XaaS) offers SMBs a path to top-notch security at an appropriate investment level.

Resellers not only offer technology products, solutions and services, but also hold a critical position in helping to educate SMBs about how the threat landscape is evolving, what new risks are on the horizon, and what new security innovations and options are available.

Whether they have one or 1,000 employees, cloud-based, as-a-service models such as Managed Print Services (MPS) and Device-as-a-Service (DaaS) enable SMBs to get and stay more secure in three significant ways:

1. Keeping Your Tech Up to Spec

SMBs rely on manufacturers who design and build secure, adaptable technology from the ground up. They also need resellers to act as gatekeepers, making sure they are actually aware of, and getting access to, that technology.

Think about when a computer or printer boots up: as many as a million lines of code can be executed before the device’s operating system is loaded and the user even sees a welcome screen. As-a-service models provide SMBs with access to the latest and most-innovative security technology. Features like “detect and respond” security are integrated in new technologies to deliver proactive protection, and services then amplify those benefits with advances in processes, systems, workflows and training.

Resellers can assist SMBs in evaluating best-in-class features, including behavior-based malware detection instead of signature-based, which only identifies known malware, multi-factor authentication and automatic-runtime intrusion detection. Innovations such as integrated self-healing protection automatically recovers the BIOS to keep critical applications and processes running even if malware tries to shut them down, and offers the ability to detect, attack and recover a compromised device remotely, which protects firmware.

Resellers can recommend DaaS for proactive protection against attacks by monitoring every device—desktops, laptops, smartphones, printers—and to ensure continuous compliance with security policies, including data access and approved apps. Automatic updates across entire fleets mean that the resources required to manage all those devices are dramatically reduced and even eliminated.

2. Gaining the Security Know-How for 2019

While nearly 80 percent of SMBs rank security as very important to the business, according to Keeper’s 2017 State of Cybersecurity for SMBs, only 14 percent highly rated their ability to combat cyberattacks and vulnerability. Resellers are well-positioned to provide insight and guidance to close this gap and make sure SMBs are proactive, rather than always coming from behind.

Most SMBs cannot afford a CISO. Untangle reports that 52 percent of SMBs distribute the responsibility for IT security across several roles, making potential gaps even wider. For instance, a red alert over the weekend might not be seen until Monday morning, and then causes a wave of disruption as to who will handle it. Cloud-based solutions from resellers come with the assurance of expertise, especially in an arena that is complicated and fast-changing with mounting regulations. Consider that even among enterprise IT decision-makers (who know a thing or two about technology) only 16 percent believe printers are a high-risk target for a security breach, according to Spiceworks research. Hackers target printers because they know that fewer than half of surveyed companies include printers in their endpoint security approach.

SMBs need CISO surrogates to share security best practices and help them stay ahead of vulnerabilities, including the threat of network hacks who steal customer data via a printer, or how any document sent to an unsecured printer could be hijacked in transit, or the ease with which a hacker could springboard from the printer to another unsecured area of the network.

XaaS solutions also deliver data that can be used to help assess risk; define and evolve appropriate security protocols for compute and print devices, data and documents; and aid in defining an overall security schedule. In 2019, breaches will be even more sophisticated—their results potentially more devastating than ever to companies. To that end, training is another area where as-a-service options can support and help educate employees about how to spot possible attacks and practice good security hygiene.

3. Protecting Your Mobile and Distributed Workforce

In some smaller businesses, employees wear multiple hats. In these situations, it is common for working arrangements to be more fluid, which means employees are frequently working from multiple locations on multiple devices. Each laptop, desktop, smartphone and tablet represents a potential weak point: NWN reports that 71 percent of data breaches target endpoint devices such as smartphones and printers. Cyberattacks that target often-overlooked actions such as logging on to public Wi-Fi or sending unencrypted sensitive information over email will also grow in the year ahead.

Resellers help SMBs evaluate their mobile environment and design a XaaS model to enable even the smallest of companies to stay secure and maintain device protections via automatic updates. XaaS proactively protects against attacks by monitoring each device and how it adheres to data access and approved apps. If a device is lost or stolen, it can be remotely found, locked or even erased. Mobile printing solutions empower employees to print from their devices while maintaining security policies and managing printer access. When obsolete, devices can be wiped of data, and the business can recover the residual hardware value.

Security is not a luxury only the largest companies should invest in rigorously. In many ways, it is a do-or-die necessity for small enterprises. For SMBs, a breach can very easily force the company to shut down. XaaS solutions can provide the highest levels of safeguards to protect data for you and your customers, and keep your business up and running.

Grad Rosenbaum
About the Author
Grad Rosenbaum is the Vice President and General Manager of the Americas Solutions Business at HP. He is responsible for the go-to-market strategy, P&L, delivery execution and overall financial performance of the Americas print and personal systems services businesses. This includes the sale and delivery of managed print services, printing and workflow solutions, and personal systems services for HP’s consumer, corporate, enterprise and public-sector segments. In addition, Grad is responsible for HP’s System Integrator Alliances program for the Americas Region. Through his 30-year tenure at HP, he has held a number of executive leadership roles, and he has been instrumental in the creation, development and expansion of the global managed services business. Prior to his current role, Grad successfully led the Americas Print Services Business, U.S. Print Sales, and the Americas Signage Business.