It’s no surprise that cyber criminals have been taking advantage of the disruption of 2020 to double down on attacks. However, some small businesses may mistakenly think that they aren’t big enough to bother with when there are juicy targets like the World Health Organization to go after.
The essential cyber security toolkit for SMBs
Practical tips for cyber security training
But SMBs would do well to be on guard. The UK government’s 2019 Cyber Security Breaches Survey found that 31% of responding SMBs had suffered a data security breach - up from 19% the year before, and resulting data losses cost SMBs an average of £3,650 each year. Nevertheless, 29% of businesses said they took no action to prevent such an attack recurring. The misapprehension of the risks has lead SMBs to under-invest in network security, which has in turn made them a prime target for opportunistic attackers.
Fortunately, it’s a lot cheaper to protect your data than it is to clean up after your systems have been compromised. Unified threat management (UTM) security appliances offer an ideal solution, with a complete spread of security measures available at competitive prices. We’ve reviewed SMB UTM appliances from four major brands – DrayTek, Sophos, WatchGuard and Zyxel – choosing products that cover a range of budgets and testing them thoroughly in our lab to help you select the best option to keep your business safe.
Most small businesses have limited on-site IT expertise, and for them, a UTM is the perfect choice. After all, a single unit that handles all your security services is much easier to manage than solutions that bring together components from multiple different vendors. The appliance even keeps track of elements that need to be kept current, like malware signatures and IPS (intrusion prevention system) profiles, and can automatically download updates at regular intervals or on demand.
All of the appliances on review offer a user-friendly interface for centralised monitoring and swift access to features. Many SMB UTMs are also starting to support cloud management, but this is a relatively new development and features vary considerably: some appliances only support monitoring, whereas others can be fully managed over the internet. One product on review this month is even designed to be purely cloud-managed.
Ready to start
Today’s UTM appliances give you great flexibility, but there are a lot of subscription schemes and models to choose from, and it pays to research your options. Most vendors offer a range of licensing tiers, allowing you to buy a specific set of services over either one or three years.
All UTM appliances include a business-class SPI firewall as standard, along with support for IPsec and SSL VPNs; some also offer built-in Wi-Fi services, enabling you to easily secure wireless traffic. Antivirus scanning intercepts and analyses all web, FTP and email traffic and blocks any dangerous items at the gateway so they never get into your network.
IPS works in a similar way, checking all data packets against vendor-provided signatures to detect and block vulnerability exploits such as denial-of-service attacks. You may see some products offering an IDS (intrusion detection system) service but be aware of the difference: this only alerts you to a potential attack without blocking it.
Web filtering is another important feature to look out for, allowing you to decide which types of websites users are allowed to visit. All four of this month’s appliances offer category-based filtering so you can easily prevent staff from playing games, shopping online or wasting time on social networks.
Consider anti-spam services too, if they’re offered. Your antivirus component can strip out infected attachments, but it can’t do anything about social engineering attacks and may struggle to identify sophisticated phishing attempts. Adding anti-spam measures to your UTM appliance allows it to weed out the majority of suspect messages – but we also recommend you train your staff on how to recognise and handle potentially dangerous emails.
A final component to consider is application controls, which can include granular options for managing thousands of common applications. Using these you could, for example, allow users to access the company Facebook account but not permit them to play games.
Appliance of science
A UTM appliance is a long-term investment, so you don’t want to choose one that’ll be running at full capacity on day one – otherwise, your network will start to crawl along as your user base expands and gateway traffic increases.
Cyber security for accountants
3 ways to protect yourself and your clients online
All vendors advertise performance figures for their UTMs with various security services enabled, but don’t be swayed by high firewall throughput rates: these are invariably tested using lightweight UDP packets, which isn’t a good representation of real-world usage. Look to other services as your baseline, such as antivirus scanning and IPS, when sizing up an appliance for current and future demand.
Look into what sort of upgrade path the prospective vendor offers too. If your demands do grow beyond the capabilities of your UTM, you may end up with users clamouring for you to turn off vital security services, in order to restore the network to an acceptable speed. You’ll be glad if you have the option of trading in your UTM for a higher-performing model at a reduced cost.
Safe not sorry
Security isn’t something you can afford to skimp on. A data breach could leave you facing not only damage to your brand, but punitive fines for failing to protect confidential information. And don’t think that parting ways with the EU gets you off the hook: GDPR rules will still apply in the UK. SMBs may get some leniency due to their limited resources, but failing to observe GDPR codes of practice could cost you 2% of your annual turnover or €10 million, whichever is higher – and breaches involving personal data could see this rise to 4% of turnover or €20 million.
Next to those sums, the cost of a security appliance clearly pales into insignificance.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2023.
Dave is an IT consultant and freelance journalist specialising in hands-on reviews of computer networking products covering all market sectors from small businesses to enterprises. Founder of Binary Testing Ltd – the UK’s premier independent network testing laboratory - Dave has over 45 years of experience in the IT industry.
Dave has produced many thousands of in-depth business networking product reviews from his lab which have been reproduced globally. Writing for ITPro and its sister title, PC Pro, he covers all areas of business IT infrastructure, including servers, storage, network security, data protection, cloud, infrastructure and services.