Simplicity Equals Better Security

Cyber threats today continue to grow in both sophistication and destructive potential. It is no surprise that MSPs seek out increasingly powerful and complex security products to counteract these malicious actors. However, they must be careful as they do so. A majority of MSPs are finding that endpoint protection solutions have become more burdensome in their use. This can significantly hinder efficiency and increases the difficulty of securing their clients’ network.

Security vendors have begun to add additional functionalities with no bearing in mind for the user interface and the user experience within their administrative consoles. The consoles have become crowded with a multitude of settings and commands, making it harder for MSPs and other administrators to properly configure the settings that help protect SMB environments. A minor change, like a file scan exception, can require plodding through a half-dozen screens to accomplish this most basic task. Simple actions should take no more than a few seconds of time, yet they have become a laborious, time-consuming multistep process.

Even worse, adding more steps to a process can increase the chances of making a mistake. At best, MSPs then have to backtrack and figure out what was missed. At worst, misconfigurations are set by inadvertently skipping critical steps and unknowingly exposing the network and users to cyber threats. It should come as no surprise that a recent VIPRE survey found that the leading cause of ransomware infections for 34 percent of MSP customers was that a “security solution was in place, but was not configured correctly.”

Simplicity = Greater Security

An endpoint security solution that emphasizes management simplicity will not only save time and effort, but will also greatly reduce the risk of misconfiguring the solution’s settings. Misconfiguring a business application might result in a client experiencing slow performance or disabled features. Misconfiguring a security tool can be much worse, as a vulnerability could be created that cyber attackers can exploit to deliver malicious payloads and steal valuable business data.

This truly is not just some theoretical problem that seldom pops up in the real world. Research firm Gartner projects that 99 percent of firewall breaches are caused by misconfiguration.

Cleary, adding complexity to security solutions in pursuit of functionality is not the answer. It complicates things by making the products less accessible and more difficult to set up and manage. Ironically, such vendor attempts to help organizations improve their security stance can have the opposite result. Adding functionality without regard for proper integration into the security solution increases complexity and, of course, risk of misconfiguration.

Configuration error dangers extend beyond security considerations, including the likelihood of monetary losses resulting from diminished productivity, remediation and legal fees. At a time when businesses are intensely focused on reducing operating expenses and improving efficiency, any solution that hampers productivity and boosts costs is particularly undesirable. One should always seek a solution purpose-built for the security management needs.

Conclusion

Deploying a security solution that is so complex that it undermines the ability to effectively configure it is inherently counterproductive. MSPs are under constant pressure to combat the increasing sophistication of today’s cyber threat, but any security solution selected must combine state-of-the-art capabilities with the management simplicity needed to easily ensure the protection SMBs need.

This guest blog is part of a Channel Futures sponsorship.