We are dealing more and more with network security issues as everything becomes connected to our network. We are also seeing an increase in security issues with small businesses as they are much easier targets for intrusion than large companies.
Why are they an easier target? Mainly because they are not paying as much attention to their security as they should. So what are the basics that we need to pay attention to?
First, think of security as layers of protection. It doesn't do a lot of good to add an additional layer until you have the previous layer fully implemented.
Level one - basic
1. You should train all employees on best practices for using your network.
- don't open suspicious emails
- don't use unauthorized devices on the corporate network (cell phones, personal devices)
- don't give out passwords
- use strong passwords and change them regularly
- never use free remote access programs
- don't use unauthorized software
2. Make sure you have current operating system and software updates - most are security related
3. Make sure you have quality intrusion detection that is functioning properly and updating regularly
4. Check on a regular basis (weekly at least) that ALL computers are applying patches and running virus protection
5. If you have wifi access to your network - make sure it has a strong access key
6. Have idle computers log out when not in use
Level two - better
1. Have a firewall that is intercepting intrusions (not just a router) and make sure that the security subscription is up to date.
2. Have intrusion protection on email and online storage
3. Close any unused ports in the firewall
4. If you need to give wifi internet access to others, make sure you have a separate guest access
5. If you need remote access - make sure you have a secure connection (we recommend appliance based)
6. Use a domain server to authenticate users on your network and enforce group policies
Obviously, this is not an exhaustive list, and there are many other site-specific jobs that might need to be done. We have seen that most small businesses are not doing even level one, much less level two.
All these things work together, so having a firewall without addressing the individual computers is somewhat ineffective. Also, it is unfortunate that this isn't a "set it and forget it" exercise. It is imperative that it be monitored constantly to make sure that the things we assume are happening actually are.
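The weekly check from Level one, item 4, and the monitoring point above, shown as an added example (not code from this article's author): a short Python script that compares the list of machines you own against a patch/antivirus status report and flags hosts that are stale or that never reported. The host names, CSV columns, dates and age thresholds are all constructed assumptions.

```python
import csv
import io
from datetime import date

# Constructed sample data: the inventory is every machine you believe you own;
# the report is what your patch/antivirus tooling actually returned this week.
INVENTORY = ["front-desk", "accounting-1", "accounting-2", "owner-laptop"]
REPORT_CSV = """host,last_patch,av_definitions
front-desk,2024-05-28,2024-06-02
accounting-1,2024-04-11,2024-06-02
accounting-2,2024-05-30,2024-05-12
"""
SAMPLE_TODAY = date(2024, 6, 3)  # constructed "day of the check"

MAX_PATCH_AGE_DAYS = 35  # assumption: roughly one monthly patch cycle
MAX_AV_AGE_DAYS = 7      # assumption: matches the weekly check


def audit(inventory, report_csv, today):
    """Return {host: [problems]} for every host that needs attention."""
    rows = csv.DictReader(io.StringIO(report_csv))
    reported = {row["host"]: row for row in rows}
    findings = {}
    for host in inventory:
        row = reported.get(host)
        if row is None:
            # A machine that is silent looks "fine" if you only read the
            # report; checking against the inventory is what covers ALL hosts.
            findings[host] = ["no report received"]
            continue
        problems = []
        patch_age = (today - date.fromisoformat(row["last_patch"])).days
        av_age = (today - date.fromisoformat(row["av_definitions"])).days
        if patch_age > MAX_PATCH_AGE_DAYS:
            problems.append(f"last patched {patch_age} days ago")
        if av_age > MAX_AV_AGE_DAYS:
            problems.append(f"antivirus definitions {av_age} days old")
        if problems:
            findings[host] = problems
    return findings


if __name__ == "__main__":
    for host, problems in audit(INVENTORY, REPORT_CSV, SAMPLE_TODAY).items():
        print(f"{host}: {'; '.join(problems)}")
```
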
The very first step is to do, or have done, an assessment to determine the gaps in your security and address them in a logical order. If you or your staff are not going to be able to stay on top of security, it will become like a guard sleeping on duty. Make sure you have someone who is responsible for it or hire someone (like us) to get you on the right track.
When you consider the productivity and business cost of downtime and recovery, it is imperative that you know that your computers and networks are secure. It isn't a question of "if" you will be a target, it is a question of "when!"
KNOW that your security is in good shape to minimize the risk and impact of an intrusion, so that you can do what you do.
The next topic is what to do to recover from an intrusion.