Improving Business Security Doesn’t Have to be Difficult

This next post is a follow up to our previous post about Mobile Security. Improving the security of your business doesn’t have to be hard. Taking some basic steps can significantly improve your current security status…
First, there are the big three of security… Firewalls, Antivirus and Updates. These three form the basis of all business security platforms.

Firewalls

Firewalls should be used to protect the perimeter of your network AND critical information inside your network. You can use either a hardware firewall, such as a Cisco ASA or a software firewall, such as the firewall that comes built into Windows. A hardware firewall is the safest bet for protecting your perimeter. If you don’t have a firewall on the outside of your network, get one NOW. Don’t skimp on a firewall either… you get what you pay for. I turned up a new network a few years ago and it was attacked over 250 times in the first hour of going live!! You need a firewall that is capable of defending against these types of attacks. More on that below…

Antivirus

Good old Antivirus packages… we know them well. Those little apps that save us every time we receive that infected email or visit that compromised site. The most important part of antivirus is to select a reputable manufacturer (Symantec, McAfee, AVG, etc.) and get it installed. The second most important factor is to keep those virus definitions up to date! I can’t tell you how many PCs (and servers!) I’ve seen that have a solid antivirus package installed, but the latest virus definitions aren’t being downloaded! One other thing, make sure your users know what an actual virus alert looks like on their PC. The most popular viruses we see are the ones that trick you into believing you have a virus just so they can give you a virus!

Updates

Updates come in all shapes and sizes. One of the most popular updates that most users are aware of is the Windows update. This can be performed manually on a PC or can be automated with a tool such as the Windows Software Update Service (WSUS). Updates don’t just stop there though. Updates also include switches, routers, firewalls and other software. Most users don’t realize that just applying updates to Windows is not enough. You must also keep your other devices and software updated to be secure. Assign this responsibility to someone you trust and make them accountable for your updates.

The most important of all though is… Education…

People need to understand that there is not an individual on the other end of the Internet specifically trying to hack them. This thinking tends to lead users to believe that they are not a target. The reality is that hackers use automated, unattended mechanisms to launch thousands of attacks simultaneously.

Back to that firewall attack that I mentioned above… there wasn’t someone sitting there waiting for a new network to come online. There was an automated bot watching that specific Internet segment for new activity. The bot scanned every open port on that new firewall, then tested every open port for known vulnerabilities. The bot then reported back what it found and even launched more significant attacks against any found vulnerabilities. Kind of scary huh? Since everything was up to date, there were no negative consequences.

The Bottom Line…

Securing your network isn’t hard. You just need to take the time to do it. Hackers count on you being lazy and attack the vulnerabilities you don’t take the time to secure.