
How do you manage cybersecurity as a one-person IT team?

Avast Business Team, 27 February 2020

Three IT pros speak out about the best strategies for fighting today’s cyber criminals


Richard Papasian still remembers his first experience with ransomware. As the owner and sole employee of The Guru, an IT services business in Los Angeles, Richard brings over two decades of software, hardware, security, and networking expertise. Even with his extensive background in IT and security, seeing the threat in action gave him a jolt: “This happened years ago with a new client and while data loss was very minimal, I still have a vivid memory of the shock from having seen something like that for the very first time.”

Today, his days are focused on educating small and mid-size businesses about proactive security and putting measures in place to prevent cyber attacks. This approach has not only helped his clients improve their security, but has driven steady growth for The Guru. “My goal is heading off issues before they become bigger problems that could impact clients’ operations. This becomes much more complex when you’re dealing with a fast-changing threat landscape, user security behaviors, and small business budgets.”

If you consider that 76% of SMBs in the United States reported a cyberattack this year, compared to only 55% in 2018, it’s easier to understand the elevated challenges that IT professionals like Richard, managing IT and security as solo departments or businesses, are facing. In fact, phishing attacks alone have grown 65% over the last year.

Phishing attacks, remote users, unpatched software add to challenges


While Thomas Glass has never experienced ransomware’s damage, as a one-person IT department for a high school, Thomas has had his share of surprises. Phishing scams have become the top challenge in his role managing IT and security at Saint Gertrude High School, an all-girls school in Richmond, Virginia.  

In fact, one in five SMBs reported that they have been a victim of a ransomware attack — and over 1,000 U.S. schools were hit by the malware last year. 

Thomas recalls a recent phishing attack where the sender pretended to be their head of school, emailing an employee and requesting a ‘favor.’ Says Thomas, “It was a clear case of phishing, as the sender’s email was a gmail.com address and not from our domain. This wasn’t the first time we have received something like this, but to the untrained eye, it could be easy to click or respond to the sender. We did have a few users respond back, but fortunately, no one provided any personal information. It’s a good thing I caught it in time and was able to warn everyone about the scam.”

Phishing email sent to a Saint Gertrude High School employee, disguised as a communication from the head of school.

Layered protection for total security  

As more SMBs take advantage of digital conveniences, accessing cloud services and connecting devices from multiple locations outside the corporate network, the estimated number of passwords used by humans and machines will grow to 300 billion this year. Hence, professionals like Richard and Thomas are stepping up their game.


Rickey Klibert is also facing the challenges of the digital era and managing security as a one-person department. As IT Director at Diversified Well Logging LLC (DWL), Rickey manages everything from IT support and network engineering services to help desktop support and security services. 

DWL is a leading independent provider of mud logging services, equipment, personnel, and technology to the onshore and offshore oil and gas exploration and production industry. With headquarters in Reserve, Louisiana, the company now has five offices in the U.S. and one in Mexico.

Adding to Rickey's challenges, 75% of DWL employees and contractors work remotely. “When we’re on a job site, our systems are receiving hundreds of different inputs round the clock, and we can’t afford any missteps in our data collection. Once the data comes back from the field, we analyze it and prepare for the next deployment,” he explains.

Fighting cybercrime with limited resources

What does it take to manage IT and cybersecurity for today’s users and SMBs? Richard, Thomas, and Rickey all shared their thoughts.

What are your tips and tools when it comes to managing it all as a one-person IT and security team?

Richard Papasian, The Guru: “I’m always trying to find smart ways to not only keep customers secure but increase my profit margins. For example, I’m building the managed services side of my business, which is growing, but I still need to make time to support break-fix issues that customers may have. That requires a really efficient approach to service, but I still need strong security. My best tools for success are minimizing the number of platforms I support – networking hardware, endpoint protection, and computers, etc. – and using software platforms, like CloudCare, that offer a good set of features and also enable easy deployment and daily management.”

Thomas Glass, Saint Gertrude High School: “The key is finding tools that will save you time, automate your work, and give you confidence that your network is protected. My two best tools right now to protect against security threats are the Meraki MX100 firewall and Avast Business Managed Antivirus with Patch Management. The firewall notifies me of any suspicious files on devices and prevents them from being downloaded. It also blocks files that may have been previously marked as safe, but may have changed their structure and could potentially be malware. I can then address the issue and keep that device from further infecting the network. The Avast Business Antivirus, with its Patch Management feature, has been a huge time saver for me. I can schedule and automate patching right from the management console. It gives me peace of mind that devices are staying updated and safe from malware.”

Rickey Klibert, DWL: “I stay efficient by creating reminders and tasks in Outlook for recurring services like updating operating system servers or our network hardware’s firmware. I’ve learned that I can’t address every issue instantly, and sometimes I can’t resolve a problem regardless of how much time and effort is given. It’s really important to know what your limits are, push those limits, but know them, and know when to call in help or start over.”

What is the biggest challenge today to securing your customers?

Richard Papasian, The Guru: “Not knowing what the next threat is going to be, and therefore, how to prepare for it.”

Thomas Glass, Saint Gertrude High School: “For me, the biggest challenges are all the phishing email scams out there and educating my users to be vigilant when opening any email that looks suspicious. I feel as if there's a new email scam every couple weeks, pretending to be our ‘head of school.’”

Rickey Klibert, DWL: “My biggest challenge is securing remote offices and ensuring mobile users have safe access to our systems. For example, after a system’s deployment, it can be really challenging and time-consuming to get users to cooperate and accept the changes or restart their computers. My approach is being prepared and having things in place before any deployment. Using CloudCare, I can deploy any CloudCare releases using its group policy feature, which gives me unattended access to the system as long as it has an internet connection.”

When it comes to cloud security solutions, what aspects of security controls are most important to you? 

Richard Papasian, The Guru: “In this order: Strong security, performance, central management, cost, and policy creation.”

Thomas Glass, Saint Gertrude High School: “A user-friendly dashboard that makes it easy to navigate all the features, performance, and reliability, automation of day-to-day tasks, budget-friendly.”

Rickey Klibert, DWL: “A product’s reputation is an essential aspect. Firms that produce underperforming products do not last long. I also look at the ease of use, scalability, and functional options. Cost is always a variable but does not carry the same weight as the overall function.”

Quicker, smarter, and more reliable cybersecurity 

For Richard and Thomas, managing IT and security as one-person teams in today’s landscape requires stepping up your game. They rely on strong endpoint and network security products for visibility across the network, as well as automation tools to stay ahead of the risks. 

At Saint Gertrude, Thomas manages nearly 120 desktop computers and laptops for staff members, as well as a Bring Your Own Device (BYOD) policy for students. After switching to Avast Business Managed Antivirus and its cloud management console, he has improved network visibility, raised efficiency by 75%, and is saving 60 hours a month using the antivirus and console’s alerting and scheduling features, among other capabilities.

This year, he added the Avast Business Patch Management service. Thomas schedules the patch management feature to scan his Windows devices every morning and install any patches needed. He estimates that he is saving at least an hour each day using the patch feature and working through the console — and every minute makes a difference as a solo IT employee. 

“This can be a pretty big job for a one-person team. I need strong security software and tools that help me extend my capabilities and save time. The patch management feature includes third-party software updates and this is a huge time saver for me. Prior to this, I had no centralized way of managing these types of updates, so I'd have to check each device individually, on a scheduled basis. Now, it's all run automatically in the background, so I can focus my time on other priorities. I save at least an hour of my day by using the admin console to run these updates.”

At The Guru, Richard has been relying on Avast Business CloudCare since 2016, continually updating as new versions are released. For Richard, the platform not only gives him peace of mind securing SMBs, but he is saving 15-20 hours each week using CloudCare’s centralized management capabilities. He also boosted efficiency by 50%-75% using CloudCare’s remote support tool and cloud-based security services.

“CloudCare has become my all-in-one security solution. It provides maximum visibility and management capabilities. I can remotely manage and deliver security services very efficiently. It extends my power.”

Rickey also uses CloudCare and added its Secure Web Gateway feature for advanced web and email protection. “The highlight for me was moving to CloudCare’s cloud-based dashboard. Now, wherever I am, I can view the status of our network 24/7. I can see threats being blocked, which computers have updated antivirus, and any other potential issues.”

“With Secure Web Gateway, I have an extra layer of web protection,” he says. “It’s a great service to scan and block suspicious websites or any other online threats. I have greater confidence that our team is protected from any location.”

Using CloudCare, Rickey has reduced administrative time by 40% through the visibility that CloudCare’s management console offers, as well as its automation tools and cloud-based security services. He is also saving at least 50 hours each month using CloudCare’s Remote IT Control, reducing his travel to DWL offices.

As cybercrime continues to serve up challenges for the channel and internal IT teams, stay ahead of the threats with advanced, reliable, and automated cybersecurity solutions. Find out more about our award-winning endpoint and network protection platform by visiting https://www.avast.com/business/solutions/network-security