Untangle: SMB IT Security Strained by COVID-19, Remote Work

SMB IT security has become even more challenging during the COVID-19 pandemic with the switch to remote work, and limited budgets and resources.

That’s according to Untangle‘s third annual SMB IT Security Report. Untangle polled more than 500 SMBs on managing IT security.

The SMB IT security report finds that, year-over-year, a growing number of SMBs continue to do more with less. Some 38% are allocating $1,000 or less to their IT security budget. That compares to 29% in 2019 and 27% in 2018.

Heather Paunet is senior vice president of product management at Untangle.

Untangle’s Heather Paunet

“SMBs are facing many challenges right now, one of them being the transition from employees working within a headquarter location to working from home,” she said. “At the height of the pandemic, 78% of SMBs transitioned up to 100% of their employees to a remote workforce. And now, as states and cities work to provide some normalcy, 56% of SMB employees will remain working remotely. This challenge … is met with the additional challenge of bringing employees back into the office.”

IT teams need to audit each device that is home, Paunet said. They also need to audit each endpoint and connection to ensure it hasn’t been compromised. And they need to ensure the VPN is used correctly at all times.

You need a full system audit to identify if any employee credentials have been compromised.

Biggest Barriers

Consistent with previous report findings, one in three (32%) identify budget as their greatest barrier. That’s followed by employees who don’t follow IT security guidelines, limited time to research and understand emerging threats.

SMBs rank firewalls (82%), antivirus protection (57%), endpoint security (48%), archiving management and backup and VPN technologies, (47%), and web filtering (40%) as the most important features when considering which IT security offerings to buy.

Of the organizations surveyed, almost half (48%) operate in more than two locations. That makes SD-WAN an ideal infrastructure, according to Untangle. SMBs are able to increase branch office network security, increase internet efficiency and decrease IT spending.

“One of the more surprising findings in this report was that SMBs are still in the learning phases of understanding the benefits of adopting SD-WAN technologies,” Paunet said. “Many times, SD-WAN technology can be associated with large enterprise network infrastructure, but those same benefits can support SMBs. SMBs may not have considered this technology, but with the benefits it can provide, and money saved with its deployment, many more should.”

Some 45% of SMBs said they have adjusted or reevaluated their IT security road map based on recent breaches and attacks. And of those SMBs who experienced a data breach within the last 12 months, 15% were able to stop the attack or any unauthorized access before the malicious hackers extracted any sensitive data.

MSSPs Can Help

“MSSPs and other cybersecurity providers should explore services that streamline what SMBs may already have in place, or further address pain points they are already dealing with,” Paunet said.

In addition, MSSPs and cybersecurity experts can provide ongoing employee education.

Another point where MSSPs can help SMBs is to streamline their hybrid network infrastructure, Paunet said.

“While SMBs have adopted a hybrid on-premises/cloud-based IT infrastructure for business applications … 71% of SMBs have their firewall on site rather than in the cloud,” she said. “Building a path for SMBs to extend their firewall or other key network components into the cloud, reducing hardware costs, or giving the organization the flexibility to pay on consumption, can extend their IT budgets into other crucial areas.”