Having written one of the first computer security books three decades ago, I’m often asked by reporters, pundits, and students what’s changed in our industry over the years. I like to respond by dodging the question, offering instead dozens of examples of things that have not changed: Complexity was then, and remains now, the scourge of security. Software was then, and remains now, too riddled with bugs. And on and on.
But if challenged to identify some aspect of our industry that really has changed, I often reference a shift in our understanding of who gets targeted by bad actors. Where previously it had been presumed that only large organizations with valuable assets would be targeted by cyber attackers, we have since learned that this is just not true. Small and medium businesses (SMBs) have been targeted just as aggressively.
With this target shift on our minds, the TAG Cyber team met last week with Detroit-based start-up AaDya. Founded by security industry veteran Raffaele Mautone, the company markets a cloud-based platform called Marzo4 that helps small business users reduce cyber risk and maintain compliance. I found the discussion to be quite clear and succinct, so I wanted to share with you a brief summary of what I learned.
“We know that small and medium sized businesses are obliged to meet the same security challenges that larger companies have dealt with for many years,” Mautone explained. “The drawback for smaller businesses, of course, is that they don’t have the same sizable budgets or deep staff found in larger organizations. So, they require a security platform that’s easy to manage with sufficient protection against threats.”
The AaDya platform is called Marzo4 and it comes with a virtual automated assistant they’ve dubbed Judy. This clever tool works across the full slate of devices deployed by an SMB. Judy is designed specifically to help simplify security and administrative costs – and as a virtual tool, it works 24/7. The specific SMB-focused cyber security functions that Judy enables via Marzo4 are as follows:
Single Sign On – This function includes assistance for SMB users with their login information, thus making it easier for them to bypass login screens for common on-line tools such as Microsoft Office and Slack.
Password Management – This function includes secure vaulting of passwords to make certain that only authorized access is ever allowed to the on-line resources and services used by a small business team.
Anti-Phishing – This function includes review of URLs included in emails, embedded in webpages, or entered into the browser, to reduce the risk of users clicking on dangerous links that could lead to information loss or other threats.
Endpoint Protection – This function includes protection of small business endpoints with on-going monitoring for evidence of inbound ransomware, spyware, malware, and other potential threats to the small business.
From an analyst perspective, these are exactly the types of security support functions one would expect in an SMB. And this should come as no surprise, since Mautone has considerable experience in companies such as McAfee, FireEye, and Duo, where he served as CIO and VP of Operations. “SMBs will benefit from the personalized security support in our platform,” he said. “This helps remove the need to hire staff or pay for additional security services.”
One challenge AaDya will have to deal with is the transient nature of the SMB community. They will also have to address the challenges of reaching such a vast potential customer base, one that often requires that cyber security vendors form channel partnership. Nevertheless, if anyone can decode this challenge to reach SMBs, it’s Mautone. His experience will certainly come in handy.
If you are an SMB, or if you are a business that serves SMBs, perhaps you might contact this fine Detroit-based company to get a demo (where you will hear reference to Judy quite a few times). Ask them to share their roadmap, and to help you understand how your own security and compliance needs will be met by this platform. And as always, I hope you will take a moment to share with all of us your own experiences with AaDya.