IT security checklist for middle market businesses

Is your IT security approach effective against emerging cyberthreats?

Feb 02, 2023

Key takeaways

Icon illustration of a cell

Middle market companies must implement IT security strategies that address several new challenges

Areas of focus should include domain name services, multifactor authentication and firewalls

Prescription bottle icon illustration

Working with a managed services provider can provide effective resources with a defined budget

IT infrastructure Managed IT services Cybersecurity Managed cloud and IT

Middle market businesses are facing many challenges when it comes to meeting cybersecurity demands. The transition to a hybrid workforce, for example, has created new risks by expanding the attack surface, and ransomware continues to be a major threat.

Compared to large enterprises, middle market companies simply do not have the same time, budget and resources to defend against cybercrime. The absence of the right tools and the lack of a dedicated security team often force these smaller companies to take a reactive approach to attacks.

With rising cybersecurity insurance premiums, midsized businesses must find ways to meet both higher costs and broadened insurance requirements. Security solutions that can scale as the business grows, such as cloud-based solutions, are essential.

Five aspects of IT security

Here’s an overview of five aspects of IT security your organization should be aware of when assessing your security posture.

Arrow hitting bullseye target

Domain name services security

Domain name services, or DNS, security is a method of web filtering that blocks malicious traffic on the internet. DNS traffic often flows through firewalls, making a different approach to security necessary. Without DNS inspection and filtering, workers may click on malicious website links and phishing emails, infecting your systems with malware. In this era of hybrid work, DNS security is especially important because it enforces the same security policies for remote workers as for in-office employees.

Cisco Umbrella DNS-level security provides a new layer of breach protection and internetwide visibility both on and off the network, as well as instant failover for seamless availability.

Column chart with downward trajectory

Multifactor authentication

Multifactor authentication—MFA—strengthens identity and access management by using a secondary method of authentication. Passwords are a notoriously ineffective method of controlling access, so MFA adds one or more extra layers of protection, such as a token, a single-use code or a biometric verification.

Middle market companies need MFA for access and authority management when remote users are accessing the network.

Cisco Secure Access by Duo uses an interface to provide a fast, non-disruptive, and simple authentication experience for users.

illustration of binoculars

Backup strategy

Ransomware is one of the biggest threats in today’s risk landscape, making a backup strategy indispensable for middle market businesses. When a ransomware attack hits, it encrypts all company files and sometimes deletes on-site backup files.

Middle market companies need a way to recover files, network equipment and hardware configurations after an attack. An effective backup and recovery strategy involves making several copies of data on different storage mediums and storing these backups both on-site and off-site, which can be accomplished with the cloud. Companies should also make regular backup and recovery testing a part of their strategy.

RSM provides managed services for backup that help mid-market companies follow data protection best practices, including backing up data in multiple locations and regularly testing backup and recovery.

piggy bank labeled taxes

Patch management

Cybercriminals often exploit unpatched applications, servers and devices to stage attacks. After an attack, malware may spread, moving laterally to unpatched parts of the system. Exploit attacks can also originate at the unpatched asset when cybercriminals use code to gain access and unleash malware through the vulnerability.

Workstations and hybrid servers need to be protected with patch management that conducts regularly scheduled scans to uncover and eliminate any vulnerabilities.

RSM takes over the burden of keeping track of and implementing patches through our managed services.

abstract illustration of gear and building blocks combining

Next-generation firewalls

When middle market companies apply for or renew their cybersecurity insurance policies, many insurance providers now require a next-generation firewall, or NGFW, to issue a policy.

NGFWs provide additional features that aren’t included in traditional firewall solutions, such as application awareness and control, an integrated intrusion prevention system and cloud-delivered threat intelligence. A top NGFW enables full visibility across the network and offers accelerated threat detection.

Cisco Secure Firewall makes a zero-trust approach to security achievable and cost-effective for SMBs through network, microsegmentation, and app security integrations.

Check all the boxes for IT security

If your organization is missing any of the items on this IT security checklist, working with a managed services provider (MSP) for security will help you overcome the challenges of strengthening your security on a budget. An MSP can also work with you to assess your security further to uncover additional gaps.

As a Cisco Certified Gold Partner, RSM provides managed services for leading security solutions. Our team has certified experience in Cisco solutions and takes a holistic approach to understanding your company’s security requirements.

Our advisors have a wide variety of skills; they can assist you with the solution that best fits your needs. With RSM, your company will have access to a large team of experienced consultants who can augment your internal IT staff and ensure you take a proactive approach to security.

Contact our Cisco professionals

Complete this form and an RSM representative will be in touch shortly.

Additional services to help achieve your goals