STE WILLIAMS

The complexity of the information security threats, regulations, and risks to a small or midsized business (SMB) can make the selection of security software a complex task in itself. Thankfully, there are a great many solutions available to address the confidentiality, integrity, and availability concerns SMBs have for sensitive data and critical systems. Unfortunately, choosing the right one is not that simple.

To guide SMBs in the selection of security software, I have listed five factors to consider that will not only help to ensure that the software addresses the SMBs concerns but integrates effectively into the business. These are scalability, simplicity, integration, automation, and compliance.

1. Scalable: Mature security software has typically evolved to deploy into large organizations, integrate with other popular applications, and inherited functions derived from many customers over the years. If these same solutions cannot offer a model that scales (function and pricing) to the SMB, fitting these solutions into the SMB is typically more trouble than it’s worth. Security solutions aiming to address the concerns of the small business need to have a pricing model that scales, without a high cost for administrative consoles or other required elements.

2. Simple: “SMBs investing in security software should focus on solutions that are easy to setup, configure and maintain,” says Mark Austin of Avecto. Utilizing existing infrastructure and services such as Active Directory and avoiding the cost of additional servers are among the examples Mr. Austin cites.

3. Integrated: Software solutions that take advantage of existing infrastructure (e.g., servers, Active Directory) provide additional value to SMBs. Mr. Austin adds that “solutions that are configured through familiar management consoles, such as Group Policy, have a shorter learning curve than proprietary management consoles.”

4. Automated Updates: Based on the changing threat environment and frequency of discovered flaws in deployed software it is imperative that these solutions can be set to ensure updates are automatically applied. Updates need to affect not just the consoles but software on user desktops as well. Consoles should be able to force desktops to update and provide reporting for instances that are out of sync with the current updates.

5. Intuitive Compliance: Lastly is the issue of compliance. Far too many software solutions boast “PCI compliant,” “HIPAA/HITECH solution” and other claims without a reasonable explanation of what that means or assistance to get there. Software solutions that come with white papers or configuration guidelines that explain the regulation, what requirements this solution addresses, and how to configure the product to do so are in higher demand at SMBs.

Software solutions targeting the SMB market need to consider not only the functions of the software but the five (5) elements of software that make a good SMB solution, namely scalability, simplicity, integration, automation, and compliance.

Doug Landoll is the CEO of Assero Security, a firm specializing in SMB Security. You can follow him on Twitter as @douglandoll

Article source: http://www.darkreading.com/smb/5-factors-of-better-smb-security-softwar/240160604