|
By Deirdre Crossan
Be sure to use a network firewall, and also install a personal firewall on each computer. When the network is accessed from the field, make sure the remote devices are equipped with a firewall. They will not be protected by the network firewall. Firewalls are available as software or hardware. Although they perform – almost the same function, every small business should have both kinds.
Backup and restore: There are many ways in which data can be lost or corrupted. This means that an SMB must have a consistent backup and preservation system. Someone should be responsible for backing up your vital data daily. In addition, backups should be made on servers and on users’ hard disks. Remote users should back up their devices as well. Verify your backup system is working correctly by regularly testing to see if information can be restored from the backup copy.
Stay up to date with patches and software: Most successful attacks exploit flaws and vulnerabilities in software applications, which is why security patches and fixes should be deployed as soon as they become available. Every desktop, laptop, and handheld--both in the office and on the street--should have the current operating system, software revision and service packs. Most operating systems enable automatic searches for new updates. The importance of patching vulnerabilities is a good reason not to use pirated software, because unlicensed software will not receive adequate security updates.
Encrypt and “hide” your wireless network: The SBTI/Symantec study showed that only 40 percent of small businesses that have deployed wireless networks use encryption capable of protecting information from unauthorized access. Wireless networks are easier to exploit than wired networks because intruders don't need physical access to the hardware. The bad guys sometimes can even get access from outside the building. It doesn’t take an expert to pick up a wireless signal. The answer is to secure the connection between the wired and wireless network with a virtual private network (VPN) and install a firewall at the wireless access point.
Every wireless network has a unique Service Set Identifier (SSID) that the access point broadcasts over the airwaves--unless instructed not to. When configuring your access point, disable the SSID from being broadcast. This will essentially “hide” your network. Enable Wi-Fi Protected Access (WPA), which is a new security protocol developed by the Wi-Fi Alliance. WPA encrypts wireless data that is transmitted and prohibits eavesdropping. Avoid using older systems with less effective protection, such as the Wired Equivalent Privacy (WEP). Make sure to use a strong password (at least eight characters, using both numbers and letters) when you set up this encryption.
Secure your remote connections: Access to files while traveling or at home may improve your small business’ productivity, but it also introduces new security risks. Typically, it is more difficult to regulate computers outside the office. By using a VPN, you can establish remote connections to your internal IT resources. The VPN is a secure “tunnel” into the network, and maintains the privacy and integrity of data as it travels across the Internet. It authorizes the user and encrypts data. In addition, remote computers must carry antivirus and personal firewall software. Keep data saved and stored on remote computers to a minimum, and back it up regularly.
Many businesses rely on computers and the Internet. Are these businesses taking adequate protective measures against cyber threats? When new technology is being implemented, appropriate security should be implemented as well. The borders of a typical business network are expanding. That means that the potential for attack is expanding as well.
|
