Don’t ignore security if you work in the SMB market…I continue to see smaller resellers focusing on managed services, but neglecting the security side of this program.  Don’t do it.  Managed services contracts justified on security remain the most stable contracts for long-term recurring revenue.

In this attached article, Cyber Thieves Hit Owners (From the Wall Street Journal), the writer shows how small businesses are often held responsible for financial losses caused by hackers…in other words, while you as an individual can usually recover by placing blame on the bank, it is only on some recent cases that the bank was held responsible for small business losses.  While the writer takes the positive side, seeing a trend to help small business, we are not there yet.

Every project should incorporate security, and every reseller should assume their SMB clients are clueless about security.  That’s just the way it is, and this article says exactly that.  Consider these sound bites from the link above:

• “The proportion of those attacks that were explicitly focused on small business rose to more than 30%, compared with 18% at the end of December 2011, according to its findings.”

• “In the first half of 2012, the total number of targeted attacks on organizations rose to an average of 151 a day during May and June.”

Make sure you have security built into your discovery process – look for weak end-node security, poorly configured firewalls, unstructured data outside the firewall, unsecured web applications, and personal devices full of sensitive data (such as Smart phones lacking passwords and encryption).

© 2012, David Stelzl