As the threat landscape continues to expand, cyberattack numbers reach new heights and attack trends continue to change, as the good vs evil battle rages on. Cybersecurity should be top priority for businesses of all sizes as we depend on data information in this technology era to drive and grow. In this article we shall focus on the SMB market, the dominant market. Starting with a reality check! Most SMBs are still reactive when it comes to securing their business from cyberattacks and would rather risk their data, their business, than invest or budget for security.
Various reports indicate that social engineering is growing as almost 70% of data breaches are through phishing attacks while malware-related attacks are decreasing as one of the global leading vendors in endpoint security detected 62% of attacks in Q4 2021 being malware-free attacks.
Microsoft digital defence report indicated that they registered through Microsoft security signal 50 million password attacks daily. However, the most shocking statistic is that only yet only 20% of Microsoft users and 30% of global admins are using strong authentications such as MFA. US giant Verizon reported that 93% of breaches come through compromised credentials for small medium business
An 82% increase in ransomware attacks registered in 2021, nearly doubled the quantity since 2020. Most ransomware attacks are purely for non-other but financial motive. In a local survey across multiple industries conducted by BMIT with IDC we have observed that 59% of the SMBs have suffered at least 1 ransomware attack.
The ransomware debate - whether to pay or not to pay the ransom? is forever hanging on the head of the victims. A lot of businesses put themselves in the situation by not having adequate security or recovery plans to avoid paying a ransom to unlock their own data.
Ransomware attacks/groups, encrypt or double encrypt the business data. Research has shown that on averagebusinesses that paid the ransomware only got back 65% of their data. This due to a widely known fact that decryptors are buggy and regularly fail to decrypt the largest, most critical data files.
Defender for Business a secure solution for SMBs
Microsoft has recently announced and introduced Defender for Business their latest addition to their endpoint protection security products. The product itself is aimed to help and protect SMBs for up to 300 employees. The new product plan is cost effective similarly priced to the Defender for Endpoint P1 with more features for businesses to reap from. BUT the biggest gainers are those businesses who purchased and use Microsoft 365 for Business Premium as Defender for business was included in this offering following the recent price increase.
Benefits of Defender for Business:
Simplified Client Configuration.
Threat and vulnerability management
Attack surface reduction
Endpoint detection and response
Auto-investigation and remediation
Make the switch from Standard to Premium
If you are using Microsoft 365 Business Standard then you might want to continue reading and most importantly understand how the additional license cost can provide a secure foundation for your business and how to benefit from such features.
First let’s understand what your users will get with Business Standard. The Standard plan will get the attach user the productivity tool set in both the application and web versions, which includes exchange online services with malware detection. And that is as far as security goes with this plan which does not really protect the user or the business data. Obviously, there are add-ons which you can purchase but you’ll double the price if not more to come close to what the Business Premium plan offers.
Benefits with Business Premium:
Defender for Office365 P1 helps protect you against threats such as Phishing and spoofing with advanced threat protection capabilities. These capabilities include Safe Attachments which provides an additional layer of protection for email attachments, this uses a virtual environment to check attachments in email messages before they're delivered to recipients. And Safe Links which provides URL scanning and rewriting of inbound email messages in mail flow, and time-of-click verification of URLs and links in email messages and other locations.
Defender for Business Enterprise-grade security. Defender for Business brings powerful endpoint security capabilities from our industry-leading Microsoft Defender for Endpoint solution and optimizes those capabilities for IT administrators to support small and medium-sized businesses.
Microsoft Endpoint Manager is a cloud-based service that focuses on mobile device management (MDM) and mobile application management (MAM). You control how your organization’s devices are used, including mobile phones, tablets, and laptops.
Information Protection The information protection capabilities of Microsoft 365 Business Premium helps safeguard confidential data against breaches or accidental loss by encrypting email and protecting against unauthorized access.
Azure Active Directory P1 enables Single-Sign-On (SSO) for Windows 10/11 and Conditional Access policies to help ensure only authorized people have access to company data. It also allows hybrid identity users access to Self-Service Password Reset with password protection to eliminate the use of bad and weak passwords.
How can BMIT help SMBs
Microsoft 365 Business Premium is one of those well packaged plans for any SMB, rich with productivity and security features but they are only advantageous to the business if they are exposed and properly configured. A service provider such as BMIT Technologies can truly identify and implement solutions that best fit your business to improve your IT posture. Reach out to us so we can help support and grow your business effectively and securely.