In recent years, small businesses have become an easy target for malicious attacks, hackers, fraudsters, and data encryption and extortion schemes. The vulnerability of financial and commercial data to theft or exfiltration is also a serious issue. In some cases, this situation is exacerbated by the fact that small businesses typically don’t have full-time IT support staff, if any at all. Outlined below are some simple, essential steps that can be taken as part of an overall security strategy in your business.
1. Install anti-virus software on every computer, including Macs.
New threats emerge hourly, and can come from anywhere—email, websites and removable media like USB keys and CDs. Up-to-date anti-virus software is essential for keeping your network safe from both known and unknown threats.
While it is true that there are far fewer viruses written for Apple computers, they do exist. But the bigger threat comes from the fact that these machines can be carriers. If your computers are networked, malware can be passed around easily without your knowledge. Or worse, you can forward a malicious file to a customer, placing their network at risk.
Make sure every computer you have is running a fully patched operating system and is protected with up-to-date anti-virus software.
2. Control the use of non-essential applications by policy or restriction.
Productivity reasons aside, it pays you to take steps to reduce or eliminate the use of programs such as peer-to-peer file sharing, instant messaging and games on your computers. These platforms are often web-based or web-enabled, so they consume a lot of your Internet bandwidth. What’s more, they are increasingly used to spread malware and steal confidential information.
Prevent these programs from being installed by restricting administrative privileges on your computers. Use an anti-virus program that helps you identify and block potentially dangerous or unwanted applications.
3. Restrict the use of removable media and other non-approved storage devices.
USB keys, CDs, and DVDs can contain unauthorized software that puts your network at risk. Malware like the Conficker worm is becoming a major issue as it can be spread via these devices. Sensitive data can also be copied onto these devices and shared with outsiders, while many recent high-profile incidents confirm how easily they can be lost.
Since you cannot reasonably eliminate these devices entirely, disable their ability to run automatically when plugged in, or consider restricting where they are used. If your business depends on removable media, scan them regularly for malware and sensitive data.
4. Control outbound as well as inbound content through the use of a business-grade firewall and a web and email filter.
Most firewalls are set up to block incoming traffic, but offer little or no help with outbound data. Hackers know this, and are forever devising new ways of accessing information on your computers. Once inside, they take advantage of unrestricted communication ports to spread more malware or steal confidential data.
Use a computer firewall that lets you easily and effectively control how your computer connects to the outside world. For example, certain ports on your computers should only be used for inbound traffic. This will help prevent hackers from taking over your machines for malicious use.
If you depend on computers to run your small business, then you can’t afford any disruption from a virus infection or data loss incident. Fortunately, there are simple and effective solutions available that don’t require a lot of effort or attention.
Install good anti-virus software on all PCs, servers and MacBooks, and consider using an anti-virus solution for any business mobile devices.
Remove administrative privileges from computers for users who don’t require them. These types of accounts should only be used on an ‘on demand’ basis to install known, trusted software.
Restrict and control the use of mobile media, such as USB keys, by means of policies or by the use of USB ‘Quarantine’ software.
Don’t rely on a simple consumer-grade router with a basic firewall for inbound and outbound communications. There are a number of “unified threat management” systems sized for small businesses that offer comprehensive security for both inbound and outbound traffic. Look for a solution that scans users’ web page access automatically, or ‘inline’, and automatically checks for malware contained in emails and for scripts in web pages that download viruses, Trojans, etc.
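The checklist above can be spot-checked on a single Windows PC with a short read-only audit. This is an added example, not part of the original article; it assumes Windows PowerShell 5.1 run as administrator, Microsoft Defender as the anti-virus product, and a three-day signature-age threshold chosen for illustration.

```powershell
# Added example: read-only audit of one Windows PC. It changes no settings.
# Run from an elevated Windows PowerShell 5.1 prompt.
$findings = @()

# Anti-virus. Assumption: Microsoft Defender is the installed product.
try {
    $mp = Get-MpComputerStatus -ErrorAction Stop
    if (-not $mp.RealTimeProtectionEnabled) {
        $findings += 'Anti-virus: real-time protection is off'
    }
    if ($mp.AntivirusSignatureAge -gt 3) {   # 3 days is an assumed threshold
        $findings += "Anti-virus: signatures are $($mp.AntivirusSignatureAge) days old"
    }
} catch {
    $findings += 'Anti-virus: Defender status unavailable, check the installed product'
}

# Administrative privileges: list every member of the local Administrators
# group (well-known SID S-1-5-32-544) except the built-in account (RID 500).
try {
    $members = Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop
    foreach ($m in $members) {
        if ($m.SID.Value -notlike '*-500') {
            $findings += "Admin rights: $($m.Name) ($($m.ObjectClass))"
        }
    }
} catch {
    $findings += "Admin rights: could not list Administrators ($($_.Exception.Message))"
}

# Removable media: NoDriveTypeAutoRun = 0xFF disables AutoRun on all drive types.
$key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'
$autorun = (Get-ItemProperty -Path $key -ErrorAction SilentlyContinue).NoDriveTypeAutoRun
if ($autorun -ne 0xFF) {
    $findings += 'Removable media: AutoRun is not disabled for all drive types'
}

# Host firewall: report disabled profiles and profiles that do not block
# outbound traffic by default (the effective policy, not just local settings).
foreach ($fw in Get-NetFirewallProfile -PolicyStore ActiveStore) {
    if ($fw.Enabled -ne 'True') { $findings += "Firewall: $($fw.Name) profile is disabled" }
    if ($fw.DefaultOutboundAction -ne 'Block') {
        $findings += "Firewall: $($fw.Name) profile allows outbound traffic by default"
    }
}

if ($findings.Count -eq 0) { 'No findings.' } else { $findings | ForEach-Object { "[REVIEW] $_" } }
```

Each `[REVIEW]` line is a prompt to look, not a verdict: the admin entries list accounts to confirm against who actually needs those rights, and allowing outbound traffic by default is the stock Windows setting.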
Talk to your IT service provider about implementing any number of these solutions. If you don’t currently have a provider, please feel free to call and consult with one of our IT team members about the best-practice solutions we recommend you employ to protect your business today.