What are the security challenges of protecting SMBs?
Editor Introduction
Small and medium-sized businesses (SMBs) make huge contributions to the economy overall. Considered individually, they may not be as large as companies in the enterprise market, but they have big requirements when it comes to security. SMBs also present unique challenges to security manufacturers and integrators seeking to serve their needs. We asked this week’s Expert Panel Roundtable: What are the security challenges of protecting small and medium-sized businesses (SMBs)?
Small and medium-sized businesses generally have an aversion to large capital costs as they lack the resources to cover them easily. Often these are fledgling businesses looking to grow and thrive, so a significant drop in their cash reserves can be potentially disastrous. At the same time, these businesses need to protect their physical and cybersecurity just as much as anyone else. This is where Security as a Service (SaaS) comes in. The security sector is well placed to deliver its services in the same way you would buy a mobile phone, house, or a new car, by spreading the cost over a fixed-term contract with sensible incremental costs. That way the supplier continues to own the systems but also has a regular fixed income by delivering the service. This approach enables SMBs to enjoy the latest security systems without the fear of an unexpected capital cost.
All businesses want the best solutions and services to protect their occupants and assets. But due to the pandemic, resources are already stretched thin, especially for small and medium-sized businesses. As a result, finding a security strategy that can fit within budget while meeting their needs is definitely a challenge. From the latest in AI-enabled video surveillance to touchless access controls, SMB owners and facility managers should not have to sacrifice performance and security to save on costs. By investing in integrated solutions and services that can serve multiple purposes and be tailored to their unique needs, SMBs can maximise their dollars to reach their security goals. With the right strategy in place, organisations of any size can have a security approach that rivals the business giants.
The biggest challenge is getting SMB owners to simplify the systems that protect their business by selecting a platform over security products. Commercial systems that are disparate by design – separate vendors for intrusion, video and access – can create more problems than they solve. Instead, SMBs would benefit most by using a single platform solution that covers all their security needs. Smart business platforms that also feature insights and intelligence help SMB owners better protect their property and manage their business and employees. These systems provide peace of mind that the business will be automatically secured if left undone, and deliveries are made safely through video verification. They also offer customer experience data on details like customer activity, high traffic areas and line queues. Plus, added solutions like smart temperature monitoring can benefit any business with specific climate control needs.
SMBs face unique challenges in securing their estate. If COVID has taught us anything it is that at any moment you may not have access to your normal business routines, so remote access can quickly become a vital asset. Having all your security systems and data tucked away in an IT closet is no longer in the best interests of many SMB enterprises. Push Notifications, remote viewing of video, video verification, and cloud services are now mainstream for SMB customers and their security solutions must support these capabilities. The SMB owner has to be able to access these security systems and features from anywhere, at any time, and from any device. The ability to move security solutions to the cloud is an easy, effective way to accomplish these goals with a robust, reliable platform that ensures the security of SMB’s people, assets, and property.
Many small and medium-sized businesses have been hard-hit by the COVID-19 pandemic. From stay-at-home-orders to ever-changing compliance regulations to declining revenue, SMBs have had to grapple with a lot. Whatever budget was previously earmarked for security installations might be even smaller now. Integrators are tasked with providing solutions to SMB customers that provide a heightened level of security, functionality, and now safety while also being cost-efficient. One way to do this is for integrators to offer economical add-ons or upgrades to a customer’s existing system. For example, adding an intelligent, two-way audio device to a surveillance system is an attractive option for customers as it expands monitoring coverage, enhances situational awareness, enables secondary source alarm verification, and can broadcast social distancing reminders as organisations continue to follow COVID-19 safety protocols.
Cybersecurity is a very big topic of concern for SMBs, as many of them do not have an in-house IT team and small enterprises might not really see a need to implement comprehensive cybersecurity measures. Small and medium-sized businesses might even see security as a necessary evil, or a grudge expense, that does not require much of their attention – therefore they might be less concerned or aware of issues such as intrusion or hacking. There is a lack of awareness that a threat is not always on their physical premises, but that all these small computing devices can be used to launch attacks in consumer’s homes and businesses. If they are hacked on-site, the business might be unconcerned, but they forget that a camera or other sensor is a device on the network and is vulnerable to other attacks. These are just some of the unattended consequences of this knowledge gap.
Small and medium-sized businesses often lack administrative resources. Their security solutions are often unable to be reactive, easily accessed, and resilient to training in order to manage and maintain it. Most SMBs want the security an enterprise solution brings and may have no problem with a large, one-time purchase of a complex security system. However, they do not deploy such solutions to avoid staffing or specialised training to manage it. Costs for network developments and administration for remote access are usually avoided. Without dedicated security and IT personnel, SMBs can put the reporting and access management in the client's hands with easy out-of-the-box security administration using apps on their mobile phones. They can download the security application and log in with their email or phone number without having to go through complicated set-ups, integrations, and licenses, and start managing their security systems right away.
Managing access and finding the right solution are perhaps the biggest challenges faced by small to medium-sized businesses. Today many business environments have gone from an open-door policy in their lobbies so that customers can access services, such as at a bank, to now needing to periodically restrict access. The challenge for these business types is managing the ability to permit non-employees to enter in a controlled manner that also does not require an individual to physically unlock a door allowing each person to enter. As a result, more businesses are looking at how to leverage their existing access control solution to better manage visitors or invest in an entry management system that can help them with this process.
SMBs typically need to achieve a lot with limited resources. When it comes to physical security, oftentimes their choice of technology, such as cameras, is driven by cost considerations. Many end up rolling out disparate solutions for access control and video surveillance as and when they find the resources, rather than developing a strategic plan to upgrade their system as a whole. This can put them at far greater risk of cyberattacks as all it takes is a single unprotected or improperly secured device to compromise an entire system. SMBs tend to think that, because they are not dealing in billions of dollars, cybercriminals won’t bother attacking their networks. However, SMBs are actually at a greater risk that their business might not survive the fallout or clean-up. A comprehensive approach to physical security that involves choosing trusted vendors is essential to a strong cybersecurity posture.
SMBs are frequently budget-constrained and do not have the luxury of large, sophisticated internal loss prevention and security resources. Unfortunately, this frequently leads to under-spec’ing the solution for a business's unique requirements. It is critical to spend the extra time educating customers and prospects on the latest technologies and to ensure any proposed solutions directly address their specific challenges. SMBs want to know the impact on the bottom line, they want easy-to-use applications and they want the implementation to be seamless. Accordingly, security solutions providers must clearly articulate why that upgrade from basic burglar alarm to the video-verified alarm is worth the investment. We need to show them the savings of, say, replacing a security guard with interactive virtual guard service. When proposing new video analytics applications, demonstrate a quantifiable impact on revenue. Every SMB customer has unique loss prevention requirements as well as business goals.
Editor Summary
SMBs tend to choose products rather than systems and often face integration problems as a result. They are more likely to buy security systems on a piecemeal basis, sometimes without a view toward a coherent and highly functional whole. SMBs also face challenges such as tight budgets, a lack of in-house IT talent, and fewer administrative resources. They are at particular risk when it comes to cybersecurity — and less likely to be adequately protected. Furthermore, the SMB market has faced unparalleled disruption in the time of COVID-19. In short, small and medium-sized businesses need to deploy the technologies of the security marketplace now more than ever.