Kaspersky Small Office Security (KSOS), launched March 14, is aimed at businesses with 10 or fewer employees. Companies that size are often in security limbo, typically using either consumer software or products created for larger businesses, which are more expensive and may have features that a very small business doesn’t need.
“Very small businesses often think of themselves as being ‘under the radar’ of hackers. But the fact is, that they are very much targets,” says Jonathan Penn, vice-president serving vendor strategy professionals with Forrester Research.
So Kaspersky saw “meaningful market opportunity,” says Peter Beardmore, director of brand marketing for Kaspersky. If employees are using their computers like consumers, but are also hooked up to the business’s network, then valuable information from government or insurance systems is at risk, Penn says.
A typical small office may think it’s enough to have individual passwords on its computers and basic anti-virus programs built for the average consumer’s laptop. “That is patently false,” says James McCloskey, a senior analyst with Info-Tech Research Group, and these businesses are, in fact, holding onto serious information.
Kaspersky uses dentist’s offices and private law firms as prime examples of this. In a Niagara Falls, Ont. dentist’s office, Janice Crossman says an identity management system is used to ensure security. Each employee has their own distinct log-in and password, and everyone has different levels of access to private information, depending on their job. The office also has an anti-virus program, Crossman says.
A look at the home screen of the KSOS application.
Those basic measures are a good first step, but it’s not necessarily enough, according to Beardmore, who says not all offices even go that far. When it comes to sensitive data like social insurance numbers, credit card information, birth dates, or even basic contact information, it may be up for grabs by any ill-intentioned hacker.
“We need to educate our customers,” Beardmore says, since even the smallest businesses still have legal and ethical responsibilities.
Business owners also need to think of their security policies from the customer’s point of view, McCloskey says. They might not think contact information is particularly valuable, but the customer likely does, and it’s important not to sour that relationship.
With the new software, employers can take advantage of central management and remote access to their employees’ PCs, to run scans or update security licenses. This is important, McCloskey says, because if employers have to work on their staff’s computers individually, the cost can be crippling, and so they simply don’t do it, which can be disastrous.
The software also includes data encryption for sensitive information and an integrated password manager (IPM). The IPM stores each employee’s login passwords in an encrypted digital vault on their PC, and then automatically logs the user into password-protected websites and applications.
The idea is to encourage stronger passwords and generally more careful practices, Beardmore says. Users can also run a portable version of the password manager with a USB.
Employers can also work on their team’s productivity, by limiting access to or amount of time spent on sites like Facebook, Twitter or other sites deemed inappropriate to use on company time.
But it’s important to stay flexible, Beardmore says, and about “giving customers tools to do what they think is important.” That means that if one employee’s job requires the use of social media, they can have access, but maybe not other employees who might abuse it.
Apart from finding the right solutions for their particular business, owners also typically face an expertise barrier, Penn says.
Beardmore agrees, and says this is why the new software is considerably more user-friendly than other products for businesses with dedicated IT departments. “You don’t have to be the security guy to use it,” Beardmore says.
With privacy regulations and credit card policies becoming stricter, he says, businesses need to be extremely careful with the information they hold. “The common message is that ignorance or lack of required skills is no excuse,” McCloskey says.
“I don’t want to say it’s easy, but it’s easier,” he says. Other security vendors are likely to create products targeting very small businesses.
Kaspersky is also offering free technical support via phone, e-mail and live-chat in North America.
The software is currently available through office retailers, authorized resellers, and Kaspersky Lab’s e-Store. Kaspersky Small Office Security is sold in bundles of five-PC licenses and one-server license for $199.95 per year, or 10-PC licenses and one-server license for $399.95 per year. Additional license purchase options can be viewed on Kaspersky’s Web site.