Despite record security spending, breaches are still inevitable, and their impact isn’t just felt at the biggest companies in the world. According to research by Gartner, 81 percent of successful ransomware operations impact companies with fewer than 1,000 employees, and 69 percent of ransomware attacks impact companies with annual revenue of $100M or less.
Many small and midsize businesses (SMBs) can’t afford large, in-house security teams to mitigate this trend. Often, they may only employ one or two staff handling all IT responsibilities across the entire business, or they work with an outside managed security service provider (MSSP). In other instances, security may be an afterthought or an accepted business risk.
Unfortunately, the attack surface is ever-expanding, especially with the adoption of public clouds and containers. As larger enterprises scale people, processes, and tools to fortify their security, bad actors are increasingly turning their attention to a more vulnerable target: SMBs.
That's why it's essential for small and midsize businesses to implement Illumio Zero Trust Segmentation (ZTS), also referred to as microsegmentation. ZTS contains the spread of breaches and ransomware across an organization’s entire hybrid attack surface by visualizing how workloads and devices are communicating, creating policies that only allow wanted and necessary communication, and isolating breaches by stopping lateral movement.
Here are 10 reasons why small and midsize businesses need to implement Illumio ZTS.
1. Quickly reduce your risk of breaches
ZTS helps organizations solve some of the hardest security challenges they face today, including reducing the impact of the next inevitable breach.
Most devices, applications, and resources in networks are free to talk to anything they want — a vulnerability bad actors leverage to spread throughout a network once they bypass prevention and detection methods. ZTS provides the ability to control traffic between devices or network segments and establish trusted communication between sources in a network, making it impossible for cyberattacks to spread and cause catastrophic damage.
If you ask yourself how many ports or protocols must be open in order for systems to communicate in the network, the answer is probably a number you can count on one hand. This means SMBs can gain immediate value with segmentation by quickly blocking the handful of risky ports where ransomware commonly traverses, such as RDP, SMB, and Telnet.
With limited time, staff, and budgets to address security comprehensively, Illumio ZTS allows SMBs to quickly and easily close some of the most common (and most dangerous) security gaps in their environment today.
Some security tools require dedicated staff to manage their products, sift through logs and alerts, and develop a response plan to incidents for remediation — and when an attack inevitably occurs, that staff is racing against the clock. In any security architecture, the slowest link in the chain is between the keyboard and the chair. Most modern cyberattacks will spread faster than any human — and sometimes tool — can respond to and contain the attack.
Illumio ZTS can be deployed and operated by an individual or small team and is proven to save time compared to segmentation with traditional, legacy firewalls. Once you gain visibility into your network traffic and its associated risk, it’s simple to create, test, and implement the security policies needed to segment your environment. This ensures that when something is compromised in your network, you have the peace of mind that the breach will be contained at its source and can’t spread further. You then only have to worry about remediating a few machines rather than potentially your entire business operations being on the line.
3. Secure your employees’ devices so threats don’t spread
Endpoints are often the source of network breaches, as a single compromised device can lead to a full cyber disaster for your business. Attackers know they’re less likely to get caught breaching SMB networks because SMBs simply don’t have the same size staff or security stack as their enterprise counterparts.
With a lack of tools and people to run them, the time between intrusion and detection can be substantial, giving bad actors more time and opportunity to slip in and out unnoticed.
Regardless of whether your employees work from home or in the office, Illumio ZTS can help you see your endpoint traffic and then control access from those devices so that only allowed users can access certain applications in your data center. And because ZTS is attack-agnostic, you have protection in place whether your employees accidentally click on a malicious link, connect to a suspicious WiFi network while traveling, or any other number of scenarios. ZTS can isolate cyberattacks to a single compromised device so that the breach can't spread and infect others in your environment, ensuring your critical business assets are secured.
Many SMBs don’t have the luxury (or budget) to continuously upgrade their technology every few years. This means they often need to make do with legacy and end-of-life resources that can make getting new updates or installing security tools difficult, if not impossible.
Illumio ZTS enables a Zero Trust security architecture with or without installing an agent, ensuring consistent security across both modern and legacy resources. This approach also applies to devices that cannot accept an agent, such as IoT devices like controllers, sensors, and cameras.
5. Limit disruption by testing policies before deployment
For SMBs in particular, often with limited budgets and personnel, it’s vital that any new technology projects are implemented right the first time — without the need for constant rollbacks and adjustments that can cause disruption and leave the network exposed to attacks. Because IT and security team members at SMBs can be responsible for wearing many (or all) of the technology hats at an organization, you don’t want to be the one to make a mistake and risk valuable operational downtime.
Security teams can avoid this problem with Illumio’s Draft View. Illumio will simulate the impact any new rules will have once deployed, prior to deploying them. This enables teams to modify and fine-tune policy while in simulation mode without the risk of breaking anything once policies are enforced. Implement ZTS with high confidence when you use Illumio.
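As an added illustration (not Illumio code and not part of the original article), the sketch below shows the general idea of testing a draft allowlist against observed traffic before enforcing it, and separately flags would-be-blocked flows on the ports named earlier (RDP 3389, SMB 445, Telnet 23). The rule format, flow records, and addresses are constructed assumptions.

```python
from ipaddress import ip_address, ip_network

# Well-known TCP ports for the protocols the article names.
RISKY_PORTS = {3389: "RDP", 445: "SMB", 23: "Telnet"}

# Constructed draft allowlist: (source network, destination network, TCP port).
DRAFT_RULES = [
    ("10.0.10.0/24", "10.0.20.5/32", 443),   # workstations -> intranet web app
    ("10.0.10.0/24", "10.0.20.9/32", 445),   # workstations -> file server
    ("10.0.30.0/28", "10.0.20.0/24", 3389),  # admin jump hosts -> servers
]

# Constructed flow records: (source IP, destination IP, TCP port).
OBSERVED_FLOWS = [
    ("10.0.10.14", "10.0.20.5", 443),
    ("10.0.10.14", "10.0.20.9", 445),
    ("10.0.10.14", "10.0.10.27", 445),   # workstation-to-workstation SMB
    ("10.0.10.31", "10.0.20.7", 3389),   # RDP from a non-admin workstation
    ("10.0.30.2", "10.0.20.7", 3389),
    ("10.0.20.5", "10.0.20.12", 5432),   # app -> database, missing from draft
    ("10.0.10.40", "10.0.40.3", 23),     # Telnet to a legacy device
]

def allowed(flow, rules):
    """True if any allowlist rule covers the flow's source, destination and port."""
    src, dst, port = flow
    return any(
        port == r_port
        and ip_address(src) in ip_network(r_src)
        and ip_address(dst) in ip_network(r_dst)
        for r_src, r_dst, r_port in rules
    )

def simulate(flows, rules):
    """Classify each flow under default deny without enforcing anything."""
    report = {"allowed": [], "blocked_risky": [], "blocked_review": []}
    for flow in flows:
        if allowed(flow, rules):
            report["allowed"].append(flow)
        elif flow[2] in RISKY_PORTS:
            report["blocked_risky"].append(flow)   # intended containment
        else:
            report["blocked_review"].append(flow)  # possible missing rule
    return report

if __name__ == "__main__":
    for verdict, flows in simulate(OBSERVED_FLOWS, DRAFT_RULES).items():
        for src, dst, port in flows:
            print(f"{verdict:15} {src:>12} -> {dst:<12} tcp/{port} {RISKY_PORTS.get(port, '')}")
```

Flows that land in `blocked_review` are the ones to resolve before enforcement, since they suggest a legitimate dependency the draft policy does not yet cover.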
6. Comply with cyber insurance security requirements
Cyber insurer Coalition disclosed in a mid-2022 report that the average cost of claims for SMB owners had surged 58 percent compared to 2021.
The reason we're seeing insurance carriers and regulators push for segmentation, even down market into SMBs, is because containing an attack to just a few devices decreases recovery costs dramatically. That's why you see updated underwriting packages from carriers where segmentation is now required for critical assets or endpoints (which are typically the starting point of many breaches).
Carriers are tired of paying out for breaches that could’ve caused much less damage with breach containment tools like ZTS in place. Fortunately, you can control recovery costs in a major way with Illumio ZTS to stop the spread of breaches.
Illumio ZTS can help you meet best-practice security frameworks by:
Identifying all assets and mapping interdependencies between them
Protecting assets from threats by containing the spread of an attack
Detecting unexpected behavior based on event data
Responding to ongoing threats to minimize the impact
Recovering from an incident and restoring the environment
Minimizing an attack’s impact on operations
8. Get better ROI across your entire security stack
Why are cyber insurance carriers and security frameworks all encouraging segmentation? The security community and risk industry understand how powerful it is as part of a defense-in-depth (DiD) strategy — a layered approach to security. ZTS is key in achieving DiD alongside your other security tools and processes.
The reality is that most security solutions are reactive in nature, relying on breach detection mechanisms. But what happens when a brand-new attack is unknown by detection tools? Bad actors can freely spread throughout the network, leaving a time delta between the breach and its discovery and remediation — sometimes days but oftentimes months or even years.
Security teams want Illumio ZTS because segmentation closes the time delta between breach and discovery. Despite differences in tactics, malware repeatedly spreads over the same protocols. If you can build DiD by controlling those protocols and not relying on detection exclusively, you immediately increase ROI across your security stack by providing more time to react, investigate, contain, and remediate the breach.
9. Achieve segmentation faster than traditional, legacy hardware
Organizations have historically achieved segmentation with hardware tied to the physical layer of the network, requiring a fragile re-architecture with significant disruption to business operations.
Illumio ZTS takes a different approach using a lightweight, agent-based solution. Instead of touching the physical layer, you do all orchestration on the hosts, unified into a central console that allows you to write rules without having to consider the underlying network architecture at all. Agent-based ZTS shines because you can move as quickly as you are motivated to without needing to touch the physical network. This allows you to achieve segmentation within hours, not months.
10. Quick, easy segmentation for teams with limited resources
Illumio has helped hundreds of SMBs proactively prepare for breaches and ransomware attacks with ZTS:
Beverage manufacturer Lion was the victim of a breach that shut down operations, then identified Illumio ZTS to ensure they reduced the impact of cyberattacks in the future.