Want Big Biz Clients? Improve Your Security

Wednesday Mar 23rd 2005 by Lynn Haber
Share:

SMBs interested in subcontracting to big business need to consider their network security. We look at what big business demands and how several SMB owners beefed up their technology.

Computer technology — and especially the Internet — has made it possible for many SMBs to compete with big business on a more level playing field. Still, companies that rely on big business as their main clients are held to a higher technology standard.

By investing in the secure communication necessary to play with the big guys, they not only meet the requirements of doing business with large local or national accounts, but they protect their own IT infrastructures, as well.

Big Players, Special Needs
According to industry watchers, large companies have the typical security concerns of protecting the integrity of their assets and intellectual property from unauthorized access, use or malicious intent.

When a big company does business with a small company, the primary IT concern is confidentiality, integrity and availability, according to Earl Perkins, vice-president of security and risk strategies at the Meta Group.

"Most of the technology that connects large and small businesses focuses on content management. The primary concern is to ensure that the files remain secure and unaltered as they move over the Internet between the two companies," he says.

When it comes to viruses, worms and hackers, IDC's Charles Kology, research director of security products, reports that worms coming in from outside locations are the most troublesome for both large and small companies.

That said, a growing number of big businesses impose security requirements on small business partners, ranging from:

  • Requiring that their business partners meet firewall VPN requirements for all connections
  • Encrypting e-mail, documents and file transfers for sensitive communications
  • The use of specific authentication and authorization solutions
  • Obtaining certifications through vulnerability assessment audits

Security is as important to a small business' IT health as it is to a large company's. "Small companies can also be subject to the misuse or misrepresentation of information passed between companies, resulting in costly damages for the small company," says Perkins.

As a whole, small businesses tend to lag behind their larger brethren in deploying IT security solutions. According to the Small Business Administration's 2002 records, there are approximately 5.6 million small businesses (with fewer than 500 employees) and another 16 million self-employed Americans. Combine that with the low penetration rate for IT security adoption, says IDC's Kology, and the market is ripe for solution providers.

Catering to the Big Boys
Journey Electrical Technologies (JET), based in Orange County, Calif., is a two-and-a-half year-old, full-service electrical contracting company doing business with large retailers such as IKEA, Target, Sears and Starbucks. As recently as 24 months ago, the company's security infrastructure was nonexistent.

Robert Prince, systems administrator at JET, saw the handwriting on the wall. "Our security was pretty antiquated, but we recognized that the industry was moving in the direction of more robust security," he says.

Today, the $40 million company uses the EdgeForce security appliance from ServGate Technologies Inc., for virus screening, spam filtering, and intrusion protection at its main facility and its remote sites. JET has anywhere between 20 and 40 remote job sites, at any one time. The company has IPSec VPN tunneling between its headquarters and remote sites to ensure that the security technology appliance examines and filters all transmitted data.

"Our biggest security problem was e-mail viruses. However, since we installed the EdgeForce nearly two years ago, not one virus has gotten through," says Prince.

EdgeForce, referred to in the industry as a unified threat management (UTM) security appliance, offers virus screening and spam filtering using technology from McAfee and Web-filtering technology from SurfControl.

According to Prince, JET and its business partners communicate frequently via e-mail and Web-based transactions. About a year ago, a few of the large companies that JET does business with began requiring business subcontractors to bid for projects online. JET also uses online communications for secure e-mail, document imaging for plans and specs (which are sent as Adobe Acrobat PDF files) and for ordering.

Estenson Logistics, based in Tempe, Arizona, is a $50 million, five-year-old dedicated logistics provider whose bread-and-butter business comes from large retailers such as Home Depot and Weyerhauser. Estenson transports products from distribution centers to point-of-sale locations. When it comes to secure communications, Jeff Schuler, IT manager at Estenson, says he's battening down the hatches.

"We need to make sure that we're not compromising ourselves or our customers," he said.

Estenson also uses ServGate's EdgeForce security appliance for remote site-to-site VPN and firewall access, and for its corporate location for virus, spam, and Web protection. According to Schuler, Estenson has 14 sites throughout the Southwest, including its main facility. Several of the branch sites are at Home Depot distribution centers.

Estenson uses secure communications for Electronic Data Interchange (EDI) or business-to-business transactions, e-mail and Web traffic at partner portals. The logistics company communicates daily with Home Depot — its largest account — regarding invoices, load updates, accounts receivable and accounts payable.

In 2003, Schuler became the first full-time IT person at the company and within a couple of months focused on IT security. "The security appliance solved a lot of practical problems for a company of our size, and provided secure site-to-site communication at a relatively inexpensive price," he says.

Atchison Frazer, vice-president of marketing at ServGate, reports that the cost for its modular security appliance (available through Dell and other ServGate partners and VARs) is approximately $25 per user, per year.

The ServGate appliance generally sits between a router leading out to the public Internet or VPN connection to a company's distribution locations or business partners. The vendor targets small businesses ranging between between 250 and 499 employees.

SMB Eye on the Tech Horizon
Prince, for one, continues to track the direction of the industry and provide his company with the security technology that meets the requirements of the day. By year's end, he expects to focus on authentication tools.

"For us it's the next stage in security to make our environment more robust," he says.

On the forefront of security implementations, JET already deploys biometric technology, in addition to the EdgeForce.

Lynn Haber reports on IT and business technology issues from Norwell, Mass.

Do you have a comment or question about this article or other small business topics in general? Speak out in the SmallBusinessComputing.com Forums. Join the discussion today!
Share:
Home
Mobile Site | Full Site
Copyright 2017 © QuinStreet Inc. All Rights Reserved