How to Adopt a “Defense in Depth” Security Strategy to Protect Your SMB

While small- and medium-sized businesses (SMBs) may not consider themselves prime targets for cyber security attacks, the fact is they are being targeted more frequently these days.

Whereas in 2020 SMBs (less than 1,000 employees) suffered fewer than half the number of breaches that larger companies did, last year it was nearly even, according to the Verizon Data Breach Investigation Report. The 2021 version of the report showed that among companies where size was identified, 307 breaches occurred in large organizations and 263 in smaller ones.

It’s incumbent on SMB leaders, then, to focus on setting up a proper defense. In security circles, that means a “defense in depth” strategy that includes multiple layers of protection. The idea is that even if an attacker makes it past one defense, others are in place to thwart the attack. Taken together, the multiple layers dramatically reduce the probability of a successful attack.

And here’s the best news for SMBs: It once took a variety of security appliances and software components to implement a defense in depth strategy. But today it can be delivered along with the networking equipment any growing business needs for speedy connectivity within its walls (and beyond).

A robust defense in depth strategy can include the following types of layers:

• Next-generation firewalls. Firewalls are typically the first line of defense, inspecting network traffic and blocking or allowing it based on predefined rules relative to port, protocol, and other filters. Next-generation firewalls include additional features such as intrusion detection/intrusion prevention (IDS/IPS), application-level protection and control, and cloud-based threat intelligence. Some also include a policy enforcement firewall (PEF), which provides a “zero trust” boundary at the point of network access.

• DNS protection. Next up: domain name service (DNS) protection. DNS helps protect against users inadvertently clicking on a malicious web page, often as a result of a phishing attack. DNS protection evaluates each request to a DNS server, filtering out those that appear suspicious or malicious, and blocking the web page connection.

• Endpoint protection. Each networked endpoint – including desktops, laptops, and mobile devices – should be outfitted with antivirus and other advanced malware protection software. This collection, often referred to as endpoint detection and response (EDR) tools, help identify threats based on well-known signatures as well as patterns that indicate suspicious behavior. Some inspect files and employ machine learning techniques, typically cloud-based, to determine whether they are malicious.

• VPNs and multi-factor authentication. Virtual private networks (VPNs) offer an additional layer of security by forming an encrypted channel between corporate network resources. That makes the security of each device all the more critical, however; a compromised device attached to a VPN would have unfettered access to corporate resources. Multi-factor authentication (MFA) can help in that regard, by requiring both a password and an additional form of identification, such as a time-sensitive authentication code.

• Advanced networking – with built-in security. At one point it would have taken an IT professional with deep security expertise to implement all these security layers. Today, you get them baked in with the same networking infrastructure that keeps your employees connected.

Aruba offers network solutions tailored for even the smallest companies that combine the latest networking equipment with effective security.

Aruba access points, switches, and gateways enable you to separate business from customer traffic, set hours for network availability, and block specific website and application categories – an effective way to thwart malicious activity. They support all the ways SMBs think about security today while enabling a path forward for more modern security strategies.

That path includes Aruba Central, a cloud networking solution that features full-time security monitoring, web content filtering, wireless intrusion mitigation, policy enforcement to the user and device level, and more.

It’s only a matter of time before any company, large or small, becomes a target of cyber threats. Vigilance is required – and Aruba delivers.

To learn more, explore Aruba’s SMB network solutions.