Attacks originate from both internal and external sources –
is your business protected?
63% of cyber attacks are on small and mid-sized business.
When it comes to network security, it is easy for small to medium sized businesses to say “not me”, “they are only after the big guys.” The reality is that 63% of cyber attacks are on small and mid-sized business, and that number is only going to increase. It is just easier for hackers to go after small to mid-sized businesses due to their relaxed or non-existent security policies.
An easy way to think of network security is that it is the equalivent to the locks on your doors and the security system at your home or office, they keep the bad guys out. Just like there are different types of locks and security systems, there are also various levels and types of network security. Below are the top six security protections that every business should have in place.
- Network Access Control - Internal and External.
This is controlling who can and can’t access data, files, devices, and your network internally. You are controlling what someone can do within your network.Then there are firewalls, which is the barrier between your internal network and untrusted outside networks, such as the internet. This lets you control your staff’s web use, sites they can go to and block any outside threats or dangerous websites. This should always be a business class firewall, not an “off the shelf” unit from Best Buy or Office Depot.
- Antivirus Software.
This software is used to protect against viruses, Trojans, ransomware, or spyware. Besides the obvious reasons, malware can be very dangerous because sometimes it will stay hidden within your network for days or weeks, just waiting for the right time to spring up and attack.
Antivirus software scans files looking for suspicious entries and tracking files afterward to find any that may have slipped in and are hiding.
- Application Security – OR Updates and Patching.
This type of security is important to have because no piece of software or application is created perfectly.
Hackers are always looking for holes or weaknesses where they can sneak in. As quickly as software providers provide a fix (update/patch) for the “holes”, the hackers have found new ones. It’s a never-ending game of cat and mouse between the software companies and the bad guys – you don’t want your business to get caught in the trap.
If your business uses computers, this type of security is a must-have and should be done a a regular routine basis.
- Wireless Security.
With more business being conducted in the cloud, think hosted programs and applications, and the use of wireless devices, this is quickly becoming a favorite target for hackers.
Wireless networks are not as secure as wired ones, and the default passwords for these devices can easily be found on the dark web, allowing easy hacker entry. Any business with wireless need to be sure that their security is strong and that all default passwords have been changed.
- Email Security.
If you’re like most businesses, your email is pretty important. Considering that email is the number one threat for a security breach, email security is an absolute necessity.
Hackers with access to your email can do all kinds of damage, such as blackmail or emailing on your behalf to deceive your clients and send them to sites full of malware. Email security can help block these attacks and control what is sent out.
- Employee Training.
The number weakness for businesses when it comes to network security, is the people who work in the business – your employees.
From falling for phishing emails, and clicking on links, to being a victim of business email scams (wiring money or giving out sensitive data), human error is at the core of this incidents and can be prevented.
Educating employees on security protects your business. There are many options available from self paced videos to in-house 1 hour lunch/dinner and learns. Decide what works for your business and get started.