Today an open system is a compromised system. Here are some standards on how to protect your business.
It’s 2016. The number of threats to a computing environment coupled with low cost, high speed Internet access has created the perfect environment for those with ill intentions to take advantage. The most profitable route? Ransomware. Thing is with Ransomware, you know fairly quickly that your computer has become infected. However, other types of infections such as keyloggers, spyware and other software may exist on your system for weeks or months without your knowledge.
Recently, a user sent credit card information via email to pay for goods – not a good practice. Within 5 days four fraudulent charges were applied to the credit card resulting in the credit card company shutting down the card. If you think your email is not being monitored, think again. There is always someone watching and waiting for the opportunity to exploit a situation to make money.
So how do you protect your business today?
It requires a whole bunch of processes that work together to create the barrier needed to protect your people and your systems.
A firewall is a device that protects the perimeter of the network – the connection between the Internet and your internal network. Just buying and installing a firewall is not enough. You need to hire a professional to harden the firewall with rules that prevent unintended access to the system. For example, if you have remote access to the servers through the firewall, that access should be through specific IP’s documented and adhered to in the firewall. That way, the firewall will not accept connections to the servers from any other IP addresses making your network safer.
Firewalls can have integrated Wi-Fi. If the appliance used does have integrated Wi-Fi, be certain that the Wi-Fi is not connected to the internal network. This causes a bit of inconvenience for internal users using Wi-Fi since they will have to connect to the internal network using your remote access software before being able to work on office documents. But the added security means that hackers can’t just connect to your Wi-Fi and through that gain access to your network.
The firewall should have stateful inspection. It should look at every packet of information that goes through it and quarantine suspicious behavior. Expect to pay between $800 and $1,500 for a firewall with a robust set of capabilities for a small business of less than 40 people.
Outsource the management of spam. By outsourcing, email is sent to a clearinghouse before being delivered to your server. The clearinghouse will hold suspicious mail in quarantine and only deliver mail that is considered legitimate to your server. This limits the number of potentially destructive messages that your employees will receive and thus keeps your system safer.
Block Application Execution
Ask your IT to put in Group Policies that will block the execution of unknown programs. This can have the negative effect of preventing people from downloading and installing whatever they want however given the risk to today’s systems some inconvenience may be worth it for better protection.
Antivirus and Antispyware
The two programs used to require two separate purchases but today, most Antivirus packages also include AntiSpyware. Do not depend solely on this software to prevent infections. Zero day infections do not yet have definitions from the Antivirus manufacturer and can be installed and run on your system unexpectedly. Ensure that home users also have Antivirus, particularly when they are connecting to the firm’s systems. Avoid the use of VPN’s which can transmit an infection from the home computer to the office network. Instead opt for more sophisticated remote access using Citrix or Remote Desktop Services. The latter are more expensive but are much, much more resistant to viruses and infections.
Most infections are done through social engineering. All a hacker needs is one person who is not paying attention and the entire network can be compromised. Recently, the Financial Head at a law firm received an email from the Managing Partner asking for a wire transfer. Since the request for a large wire transfer of $20,000 was unusual the Financial Head called the Managing Partner to confirm. The Managing Partner had never heard of the request! Tracing the emails showed that the attacker had used social engineering to find the names of their target, determine the acceptable approach and how to carefully craft the email so that it appeared to come from the Managing Partner. This is just one of the many types of scams that we have seen.
Educate your users on cybercrime and put processes in place at your firm to prevent breaches even though they may seem to limit freedoms.
In the next installment, we will talk about some other critical things that need to be done to secure your small business.
Charles Bennett is the Principal Consultant of Triella, a technology consulting company specializing in providing technology assessments, consulting, maintenance services and CIO-related services to small and medium sized firms. Charles can be reached at email@example.com or 647.426.1004. For additional articles, please visit http://www.triella.com/publications. Triella is a BlackBerry Alliance Partner and Authorized Worldox Reseller.
© 2016 by Triella Corp. All rights reserved. Reproduction with credit is permitted.