78% of SMBs indicated that having a privileged access management (PAM) solution in place is important to a cybersecurity program – yet 76% of respondents said that they do not have one that is fully deployed, a Devolutions survey reveals.
While it’s a positive trend that the majority of SMBs recognize the importance of having a PAM solution, the fact that most of the respondents don’t have a PAM solution in place reflects that there is inertia when it comes to deployment.
SMBs are not immune, company size doesn’t protect from cyberattacks
Global cybercrime revenues have reached $1.5 trillion per year. And according to IBM, the average price tag of a data breach is now $3.86 million per incident. Despite these staggering figures, there remains a common (and inaccurate) belief among many SMBs that the greatest security vulnerabilities exist in large companies.
However, there is mounting evidence that SMBs are more vulnerable than enterprises to cyberthreats – and the complacency regarding this reality can have disastrous consequences.
“SMBs must not assume that their relative smaller size will protect them from cyberattacks. On the contrary, hackers, rogue employees and others are increasingly targeting SMBs because they typically have weaker – and, in some cases, virtually non-existent – defense systems.
“SMBs cannot afford to take a reactive wait-and-see approach to cybersecurity because they may not survive a cyberattack. And even if they do, it could take several years to recover costs, reclaim customers and repair reputation damage,” said Devolutions CEO David Hervieux.
Key findings from the survey
To dig deeper into the mindset of SMBs about cybersecurity, Devolutions conducted a survey of 182 SMBs from a variety of industries – including IT, healthcare, education, and finance. Some notable findings include:
- 62% of SMBs do not conduct a security audit at least once a year – and 14% never conduct an audit at all.
- 57% of SMBs indicated they have experienced a phishing attack in the last three years.
- 47% of SMBs allow end users to reuse passwords across personal and professional accounts.
These findings reinforce the need for better cybersecurity education for smaller companies.
“Conducting this survey reaffirmed to us that while progress is being made, there is a still a lot of work to do for many SMBs to protect themselves from cybercrime. We plan to conduct a survey like this each year so that we can identify the most current trends and in turn help our customers address their most pressing needs,” added Hervieux.
Protect from cyberattacks: The role of MSPs
One way for SMBs to close the cybersecurity gap is to seek out a trusted managed service provider (MSP) for guidance and implementation of cybersecurity solutions, monitoring and training programs. Because SMBs do not typically have huge IT departments like their enterprise counterparts, they often look to outside resources.
MSPs have an opportunity to strengthen their relationship with existing customers and expand their client base by becoming cyber experts who can advise SMBs on various cybersecurity issues, trends and solutions – as well as offer the ability to promptly respond to any security incidents that may arise and take swift action.
“We expect more and more MSPs will be adding cybersecurity solutions and expertise to their portfolio of offerings to meet this demand,” Hervieux concluded.
Prevent privileged account abuse
Organizations must keep critical assets secure, control and monitor sensitive information and privileged access, and vault and manage business-user passwords – all while ensuring that employees are productive and efficient. This is not an easy task for SMBs without the right solution in place.
Many PAM and password management solutions on the market are prohibitively expensive or too complex for what SMBs need.
Leading the way is a Privileged Access Management (PAM) solution called Devolutions Password Server, which provides enterprise-grade PAM features that offer SMBs a level of protection usually only afforded to large organizations.
It is well known that data breaches can cause devastating financial losses and immeasurable damage to a company’s brand and reputation. While every business is a potential target, SMBs face unique challenges from their enterprise counterparts – yet the majority of IT software solutions currently available are complex and go well beyond what most SMBs require.
With the introduction of Password Server late last year, Devolutions is out to change that.
Most PAM solutions on the market are designed for large enterprises, then scaled back or restructured in an attempt to meet the needs of smaller businesses. Knowing that this approach leaves much to be desired, Devolutions created Password Server specifically for the needs of SMBs.
Described by industry analyst Martin Kuppinger as “providing a good baseline set of PAM capabilities and being easy to deploy and operate,” Password Server allows users to control access to privileged accounts and manage remote sessions through a secure solution that can be deployed on-premises.
With Password Server, SMBs can reduce the risks from insider threats and data breaches that often originate from credential misuse or compromise.
When used in combination with Devolutions’ Remote Desktop Manager, Password Server becomes the single pane of glass of any IT department, integrating passwords and credentials with a robust, efficient remote connection management solution.
In addition to Password Server, Devolutions will showcase the following software solutions:
- Remote Desktop Manager (RDM) is recognized throughout the industry for its ability to centralize all remote connections on a single platform that is securely shared between users and across the entire team. It supports hundreds of integrated technologies – including multiple protocols and VPNs – along with built-in enterprise-grade password management tools, global and granular-level access controls, and mobile apps to complement desktop clients for Windows and Mac. RDM empowers IT departments to drive security, speed and productivity throughout an organization while reducing inefficiency, cost and risk.
- Password Hub is a flexible, cloud-based password management solution for team environments. It empowers organizations to simply and securely vault and manage business-user passwords and other sensitive information through a user-friendly web interface, which can be accessed via any browser. Password Hub was tailor-made to reduce SMB vulnerabilities to data theft.
“While our solutions can be used independently, many of our customers find that combining them together can be even more powerful,” said Martin Lemay, CISO of Devolutions.
“For instance, one of our customers recently paired our Remote Desktop Manager with our PAM solution, which enabled their IT department to manage servers and network devices, integrating with password and credential management. This provided them with the utmost level of security across their organization that was not previously possible at the SMB level.”