The need for increased security awareness in small to medium business in 2010.

The holidays are over, time to focus on the new year ahead. For some the holidays provide a little more time – as others are busy preparing for the holidays – to research, review and ‘catch up’ on security news and trends from around the industry.
I have always been an advocate for security awareness in the small to medium business (SMB) space. Working in this field I have come to understand the balance between equipment and resources cost and the margins which SMB’s operate within to remain viable. Calls for increasing security can appear to negatively impact this balance. Unfortunately the SMB space is becoming an increasingly popular target for internet criminals as witnessed by these two recent articles.

http://www.krebsonsecurity.com/2010/01/fbi-investigating-theft-of-500000-from-ny-school-district/

http://www.wired.com/threatlevel/2009/12/feds-warn-small-businesses/

Although the targets here were school districts one can easily see the correlation to the SMB space when thinking of resources available and operational processes within an organization. How long would it take for an SMB to notice that the transfer or payment of funds was not proper and then correct it? How much can they afford not to recover? As noted in one article the red flag was raised by the bank and not the customer! One wonders how many SMB’s would receive the same amount of diligence from their banking institutions.

So how does this tie in with VoIP security? Even in these tight economic times unified communications has continued to increase in deployments due in part to operational improvements and cost reduction promises. Growth in UC deployment means increased deployments of SIP trunking and SIP trunking usually means port 5060 is open in your firewall and network. Now we see that this open port can possibly be used as a probe point to other servers and services within the network through the firewall. Its time for SMB’s to think of more than just a firewall and anti-virus (as most SMB’s do) as protection enough from threats.

http://www.theregister.co.uk/2010/01/06/web_based_firewall_attack/

We can understand the criminal intent to go for the ‘big score’ (against the big institutions) but these attacks should remind all to never underestimate the lure of easy cash wherever it may be or whatever the amount – never think your business is ‘not large enough’ to be a target. It’s not the size of the prize but the ease of exploitation that makes you a target.

Growth of SIP trunking:
http://www.infonetics.com/newsletters/newsletter-CRS-Enterprise-Voice-SIP-Trunking-Survey-102709.html