The COVID-19 crisis and shift toward remote and hybrid work has resulted in a boom in bring your own device (BYOD) policies that create a host of new cybersecurity issues. These challenges often disproportionately affect small to medium sized businesses (SMBs) that don’t have the same level of resources as enterprises with dedicated IT personnel.

As a result, SMBs should consider zero-touch network-based security services provided by their communication service providers (CSPs) to protect their business and employees from the significant costs associated with cyberattacks. A zero-touch solution removes the burden of installing and managing security from the user, allowing SMBs to offset their lack of in-house cybersecurity resources and gain a 360-degree security solution for any device and location.

Cyber threats SMBs face

Global businesses are facing escalating digital challenges, as the internet of things (IoT) and connected devices grow alongside BYOD. Proper cybersecurity and network management is ever more critical for SMBs and remote workers’ devices, considering 43% of cyberattacks are targeted toward SMBs.

These attacks include phishing, malware, ransomware, and many more, all of which are increasingly used by cyber criminals as they exploit the COVID-19 pandemic to trick unknowing victims. New work from home policies have also moved workers from a centralized, secure office, into an area where many vulnerable connection points exist through which cyber criminals can maliciously enter.

SMBs are often aware of the dangers, but there’s a significant lack of true understanding and knowledge about the potential damage of cyber attacks. 43% of SMB owners have no cybersecurity defense plan in place – putting their most sensitive customer, financial, and business data at risk. For example, they can lose significant capital from ransomware or distributed denial of service (DDoS) attacks that leave their site unusable for a time without an opportunity to generate revenue.

Instead of taking control of their cybersecurity defenses, SMBs often quixotically rely on their employees to sufficiently protect their personal devices. Even those employees that take unusual steps to protect their primary work-related devices, typically leave additional smart and secondary devices vulnerable. Because all of these are ultimately connected by way of networks or shared files, they open a wide doorway back to the business. 

Tackling cybersecurity

While SMBs may have already invested in security solutions prior to the pandemic, it’s expected that now a greater share of IT budgets will go toward cybersecurity. Almost a quarter of small businesses and a third of medium-sized businesses said that their spending on cyber security is likely to be even higher than they had originally planned, according to Analysys Mason.

Without deep cybersecurity knowledge, most SMBs need guidance from security specialists to help optimize the use of cyber budgets. One of the first places SMBs should look for this is with CSPs. CSPs naturally have an advantage over other solution providers to provide security services as they understand their customers’ needs and already touch all network traffic in and out of their SMB customers on Wi-Fi, fixed and mobile.

This puts CSPs in a unique position to offer network-based security-as-a-service through a small firmware agent that is installed on the business router to block threats in real time. SMB customers can implement this type of solution in a zero-touch manner, keeping employees off of malicious websites and simultaneously blocking viruses, ransomware and malware. Through the use of artificial intelligence and machine learning, such a solution can analyze the information from the router to identify connected devices and create device specific profiles to understand network activity at all times.

SMB end users can also apply content control to device groups or individual devices to tailor ‘allowed’ content during working hours. An SMB solution should offer granular reporting of all protected devices, and a self-diagnostics chat bot that can reduce the time and effort required to troubleshoot network problems.

As many countries are easing out of lockdowns we can expect remote work to stay in a hybrid approach. Small businesses are already under stress from a year that has been unsympathetic to their quest for survival. They lack the skill, the time or resources to tackle cybersecurity; but at the same time, they must do so to protect their livelihood from faceless cyber enemies. SMBs must be prepared to adapt to changing cybersecurity challenges during these times, therefore, by establishing a solution that not only mitigates the risk of damaging cyber attacks on the network but does so quickly, cost-effectively and seamlessly.