More and more, SMBs are becoming the victims of cyber crimes. According to an article on scmagazine.com this is because SMBs represent a sweet spot between security and profitability.
Since October is National Cyber Security Awareness Month I thought I would give you some tips to help protect your small business from these opportunists.
For more information about NCSAM and online safety please visit http://staysafeonline.org.
Use a firewall
Firewalls are designed to prevent unauthorized access to a network or device and there are two types.
Personal firewalls work at the device level and are best suited to micro businesses (just a couple users and no server) that don’t have the budget for a firewall appliance as well as laptop users who are frequently not within the confines of a secured office network.
A firewall appliance is the preferred solution for small to medium businesses. It eliminates the need to install software on each device (save for laptops) and prevents unauthorized access at the network level.
Appliances don’t slow down traffic as much as their software counterparts and are generally much more highly configurable.
Use and update anti-malware / antivirus software
Obviously you NEED AV software, but if it’s not current it’s not going to be able to do its job.
Too many times I have seen computers that haven’t had an AV update in weeks or more and I can’t tell you how many times I have worked on a PC and saw the little telltale that says “Your AV Subscription Has Expired”.
If your subscription has expired or you aren’t automatically updating your devices then you are exposing yourself to unnecessary risk.
Patch your servers, PCs and laptops
In addition to antivirus software you should also be patching your devices regularly. And this isn’t limited to Windows patches only.
Applications such as Adobe Flash and Reader, Java and browsers should also be patched as the programs are often exploited by cyber-criminals.
Related Article – Software updates are a pain – here’s the cure
Secure your WAN
Often overlooked, wireless routers and access points are another traditional weak spot for SMBs. When we do network audits for customers and prospects we always check to make sure that wireless security is enabled and appropriate encryption is being used.
Far too frequently, though, their wireless network is either wide open or using WEP encryption. WEP is better than nothing, but barely. It is easily hacked and, in my opinion, should be never be used.
A non-protected or poorly protected WAN is a great way for those inclined to gain unauthorized access to your network.
More info – WEP is weak
Guest access to WAN
Speaking of WANs, you might also want to consider a separate network for guest and mobile wireless access.
Devices that are not part of your company network – and may be infected – can spread those infections wirelessly. While this hasn’t proved to be a big threat from SmartPhones and tablets to date, odds are that it will be an issue in the not too distant future.
Guest access separates your company network from the guest network so the two will never meet and viruses won’t have a path to your business LAN.
Secure your email
Email has been a favorite way to spread malicious software. If you host your own email server then you should be looking for a solution that runs on the server or, better yet, before the server.
I recommend a cloud solution for our customers. Not only does it stop viruses from ever reaching the server it also takes the load of scanning emails off the server.
If you don’t host your own email server then you should have a good AV program that has email client integration that will strip malicious attachments from emails.
Use web filtering
Malicious sites are abundant and an easy way to fool someone into installing a virus under the guise of a software update or a toolbar or any number of other deceptive practices.
Related articles – Reveton, DNS Changer
This is where AV software and personal firewalls often fail because the user THINKS this is a legitimate installation and that the firewall or AV software is wrong.
How many times have you received the instructions “Before installing this software please disable your AV software as it may interrupt the installation” or something similar?
There are legit reasons for these messages but how are YOU to know which are and which aren’t legit?
I recommend web filtering and DNS blocking software to our customers. There are several options you can choose from but we like a few such as McAfee SaaS, OpenDNS and a couple others.
These solutions keep a list of malicious sites and redirect you from them to a page stating that the site is quarantined.
And if the site hasn’t been quarantined they will scan the page you are trying to reach for malicious code before delivering it to your web browser.
Use strong passwords
I wrote an article that touched on this a while back, but in short, don’t use 1234, PASSWORD or anything else that might be easily guessed.
Use complex passwords that are impossible to guess and of sufficient length and complexity to be nearly un-hackable. But they can still be easy for you to remember.
“This1sAPrettyC0mplexPW!$” and it’s fairly easy to remember. But it would take 9.38 hundred billion trillion centuries for the worlds fastest computer to hack. That’s a pretty long time.
Educate yourself and your employees
This is probably the most important thing you need to do because there is no technology that can overcome users installing software, turning off AV or opening email attachments.
Write a company policy. Explain the dos and don’ts to your employees. Set expectations as far as usage and compliance. Have them read and sign the policy so they understand the gravity of it.
Backup your important stuff
Some viruses are very difficult to remove. Some will damage operating systems. Some will delete or corrupt files. To save time and money sometimes the best solution is to revert a machine to it’s previous state.
This applies to servers, which you should already be backing up, as well as workstations.
Some PCs come with a “rescue” feature that will restore a machine to it’s factory default configuration. This helps, but after the restore you need to re-install all your apps, printers, etc, which takes time.
And you may not have the installation CDs or downloads, you might have lost the license keys, etc.
For a small investment in decent imaging software and some storage, you can backup all the workstations and laptops in your office and restore them to a previous state in very short order.
For more information on backing up workstations see my article on preparing for a Windows 8 upgrade.
Your turn. Share your security tips for Cyber Security Awareness Month in the comments section.