The cybersecurity needs of small- and mid-sized businesses (SMBs) differ from those of large enterprises, but few solutions cater to them. A 2018 Cisco Cybersecurity Special Report found that 54 % of all cyber attacks cost the target company more than $0.5 million — damages that would crush most SMBs. However, smaller companies rarely have the IT talent, tools, or budget to prevent such attacks.
Without a cohesive cybersecurity framework, SMBs are falling further behind as digital transformation, or DX, ramps up. Embracing digital transformation becomes even more of a challenge without a dedicated platform to address vulnerabilities.
I spoke with Maurice Côté, VP Business Solutions, and Martin Lemay, CISO, of Devolutions, at the RSA 2020 Conference in San Francisco recently. Devolutions is a Montreal, Canada-based company that provides remote connection in addition to password and privileged access management (PAM) solutions to SMBs. You can get a full drill down on our discussion in the accompanying podcast. Here are some of the key takeaways:
PAM is crucial to all companies because it reduces opportunities for malicious users to penetrate networks and obtain privileged account access, while providing greater visibility of the environment. Current PAM solutions cater almost exclusively for large organizations.
Suppliers simply strip down their enterprise versions to sell to SMBs, with their solutions being prohibitively expensive for SMBs. Poorly implemented authentication can also lead to network breaches and compliance headaches.
Devolutions was established a decade ago and fills a gap in the market. It delivers simple but effective IT software solutions that give SMBs the tools they need for effective universal password and access management, including PAM, password management and remote connection management. In particular, the company’s PAM solution is affordable, robust, and easy to deploy and ideal for companies with limited financial and human resources.
As Côté points out, “We don’t have the bells and whistles, but what we have is what small and medium businesses need because they can’t afford the big players out there.”
In smaller businesses, IT managers wear many hats. The IT manager at an SMB must not only refresh company equipment, but they also have to plan and maintain IT and electronic data operations, and even recruit and train staff. Security is just one of many complex responsibilities. As Lemay explains, “it is not uncommon to have a director of IT with 2,000 or 4,000 connections in their environment. That’s where the tool comes in — it helps manage all those connections.”
Productivity is also a concern, with multiple tools requiring passwords. These can include the business applications that support customer and partner transactions, as well as the hybrid cloud network software infrastructure supporting them all. Each connection needs to be authenticated and privileges enforced. Devolutions’ tool speeds up the process by integrating everything for the team, so that they can launch a connection directly. It can also enforce two-factor authentication.
As Lemay explains, “You forget there’s a need for a password. That’s our goal.”
Dealing with DX
SMBs are moving toward cloud services more, which brings its own challenges. Each cloud becomes an identity- and access-management space, so if you use other third-party products, you end up with multiple identities, and these are not interlinked.
Managing the complexity of all these identities makes it easier for staff to do their work. “We hide the complexity of all these providers and all of these technologies,” Côté told me.
Côté reveals that the company has grown organically to about $10 million in sales annually without the need for any big campaigns. Customers love the product so much, they spread the word.
The company grew from consultant David Hervieux’s decision to take matters into his own hands when he could not find a tool to log into his customers’ infrastructure securely and quickly. One day, after he had spent four years working out of his basement on Remote Desktop Manager (RDM) — a remote connection management solution centralizing RDP, SSH, VNC and more than 60 different remote desktop technologies — he received a call from a US-based company seeking a white label solution of RDM. He accepted their offer of $100K for the project and used it to hire two employees—who still work at Devolutions a decade later.
The company also offers a free version of the product with no limitations, which has 160,000 users. “And we don’t intend to turn them into paying customers. We offer a product that has a ton of value,” Côté says. “It’s really about offering value.”
I believe there’s pent up demand from SMBs for cost-effective services that can reduce the potentially catastrophic cyber risks they face every day. It’s encouraging to see vendors like Devolutions stepping up to meet that demand. I hope there’s more to come. I’ll keep watch.
Last Watchdog’s Melanie Grano contributing.
Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.
(LW provides consulting services to the vendors we cover.)
*** This is a Security Bloggers Network syndicated blog from The Last Watchdog authored by bacohido. Read the original post at: https://www.lastwatchdog.com/new-tech-devolutions-pam-solution-helps-smbs-deal-with-rising-authentication-risks/