What every SMB needs to know about intrusion detection systems

Many small- and medium-sized businesses (SMBs) don’t feel that they need intrusion detection systems. That is, until they experience a cyberattack and by then it’s too late.

As with any cybersecurity feature, being proactive with deployment and configuration is key to its success. Also, just because your business has never experienced a cyberattack, it’s not a guarantee that attackers have not already begun scoping your network. So it would be smart to install an intrusion detection system expediently.

Here are some things you need to know about intrusion detection systems:

What is an intrusion detection system?

An intrusion detection system (IDS) is a network tool that inspects network traffic for potentially malicious behavior and alerts your IT team when an attacker is trying to break into your system.

Here are the three most common types of IDS:

• Network intrusion detection system
  A network intrusion detection system (NIDS) is a system that is deployed at strategic areas of a system, specifically at points that experience the heaviest amount of information traffic such as a subnet. A NIDS is designed to analyze large amounts of network traffic, so it tends to have lower levels of specificity, and may still miss encrypted traffic. However, its ability to scan by sheer volume and without creating a bottleneck on data flow is where it shines.
• Network node intrusion detection system
  A network node intrusion detection system (NNIDS) is just like an NIDS, except it is only applied to one node, instead of an entire subnet.
• Host intrusion detection system
  A host intrusion detection system (HIDS) is deployed on all devices that are connected to the network and the internet. HIDS often acts as a closer inspector of traffic that passes the NIDS, filtering out malicious packets that the NIDS may have overlooked.

It is not uncommon for businesses — even SMBs — to deploy all three types of IDS in their network. Having all three helps ensure all network traffic is vetted and clean.

Does my business need an IDS?

If your company handles and transmits sensitive digital data via the internet, it would be best to have some level of security via IDS. And the numbers back it up. Here are some facts from a study by UPS Capital:

• 67% of cyberattacks are aimed at SMBs
• 90% of SMBs in the US have no data protection measures
• 60% of SMBs go out of business within 6 months after experiencing a cyberattack
• Cyberattacks cost SMBs anywhere between $80,000 and $150,000 per cyberattack

Chances are, your business will benefit greatly from IDS. Every dollar counts and continuing to operate without ample cybersecurity puts your company at risk of financial loss every day.

What do intruders do when they get inside a network?

Here are some of the most common attacks cyber intruders conduct on SMBs:

• Scanning attack - attackers send data packets to the network to see where its weakest parts are, to plan a future, more significant attack.
• Asymmetric routing - attackers send data packets through a network’s regular channels in an attempt to find a different, unsecured entryway for a future, more significant attack.
• Buffer overflow attack - attackers try to force a server’s memory to “overflow” with data, forcing a crash that can hide a future, more significant attack.
• Malware attack - attackers send destructive software such as worms, trojans, viruses, and bots, in an attempt to disrupt or even destroy a system.
• Denial of service attack - attackers flood the system with huge volumes of assorted traffic, in an attempt to disrupt and overwhelm a system.

An IDS can be configured to recognize and identify these kinds of attacks, so that they can be prevented long before any type of attack can even begin.

Keep intruders out of your company’s data system with OutsourceIT’s IDS solutions. We’ll make it simple and easy for you, so that you don’t experience any disruptions. Contact us today to learn more.