Is your small business protected from hackers and other cyber-attacks? You may think all you really need is a firewall and an antivirus program, but that’s not true at all. You need to have multiple layers of security to make certain no one can break through your defenses and steal or destroy your data. If you only have limited protection, you may find that your network is easily compromised after just one simple attack. Using a combination of the following will lock down many different avenues of entry into your network via multiple layers of security.
- Have a Strong Firewall
While having just a firewall is not enough for protection, you certainly do want a firewall installed. Firewalls generally act as the first wall around your system. They help prevent intruders from getting into your system. There are a few different ways you can implement a firewall such as a “Network Address Translation.” At the very least, your firewall will protect you from a number of different types of attacks.
- Use a Virtual Private Network
A Virtual Private Network (VPN) is a way of protecting your server and other online resources. When an employee uses public Wi-Fi, they are leaving your system vulnerable because that Wi-Fi isn’t secure. By using a VPN connection, however, your employees can log in and have access to everything they need while still keeping your network confidential and secure. All network traffic done through a VPN is encrypted. While it can be expensive for a small business, it’s certainly worth it if you have employees working while traveling.
- Intrusion Prevention and Detection Systems
A network intrusion prevention and detection system such as Snort will monitor your system and let you know if any suspicious activity occurs. These systems may note strange accounts trying to gain access to the system or alert you to information being sent from your system that you did not authorize. When the detection system notes someone trying to hack into your network, the prevention system is activated. It actively blocks intrusions while they’re occurring, so your IT staff doesn’t even have to be in the building when an attack is detected. These systems aren’t always something a small business owner thinks about, but they’re certainly necessary if you want to keep your system safe from hackers and other malicious users.
- Malware Detection
Malware detection will alert you to any strange and potentially harmful software that has been located on your computer. Antivirus software often doesn’t detect this type of program because it’s designed a little bit differently. It looks like a standard program, but malware may transmit information to other sources or may silently record everything you do. Malware detection can help defeat malware that’s coming through your browser, a plug-in, and email.
Whitelisting will help cut back on malware and other unauthorized programs by simply not allowing them to run. It’s very similar to whitelists in emails. When you create an email whitelist, only those addresses on the list are allowed through the filter. Likewise, an application whitelist only allows the listed programs to run. Any program not on that list that tries to execute will be denied access to system resources. Programs often recognize which applications are necessary for your computer and your most-used programs to run so they don’t’ require a large amount of configuration. Many run alongside antivirus, anti-malware, and other defense systems to help create an impenetrable wall around your network.
- Spam Filtering
When people think of a cyber-attack, they usually think of hackers, not spam. However, spam is often used in phishing, virus and malware placement, and more. If nothing else, it fills up your inbox and server. By configuring a spam filter, you can have most of this junk sent directly to the trash bin and deleted. Of course, you do have to be careful that the filter isn’t set so high that it’s capturing good emails along with the bad, which is why you’ll want to check a new spam filter every few days for a couple of weeks to make sure you don’t need to change any settings.
- Updating your Software
It’s absolutely vital that you keep all of your software and your operating system up to date. While it may be a pain to install these security patches and software updates, especially if it seems like they’re being released often, it is necessary to keep your computer and your network safe. These patches often address critical holes in the software security that can be exploited by hackers. By installing the patches, you’re closing off those holes and keeping your system secure.
Unfortunately, in small businesses, it may be up to each individual computer user to install the updates on his or her system. Users may overlook doing updates regularly, leaving their individual computer open to attack. You need to stress that all updates and patches be installed as soon as they are released if you cannot have them installed system-wide via a server.
- Physical security
Finally, while working on your cyber-security is certainly important, you also have to keep in mind physical security. If someone can walk right in and access a computer, your online security is all for naught. You need to make certain your server room is absolutely secure and that only IT staff has access to it. Someone may be able to enter and steal a hard drive or other information directly from the network. All flash drives and company laptops need to be secured at all times when they are not being used, and employees should never remove any of these items from the office unless they are authorized to do so and need to do so.
Sheza Gary has been a Project Strategist since 2009 and has been involved in the launching of startups and tech companies in New York for over 5 years. She has keen interest in writing her own experiences about business plans and upcoming business supporting technologies. She loves public speaking.