If you have ever searched Internet security topics online you will know that there is no shortage of available information and this in itself is a problem. Way too much information usually written by geeks in geek language leaving most people more confused than before. A lot of the information is excellent but there is also a lot of poor and even erroneous advice. Knowing how to sort out the good from the bad and find what is important amongst fluff is mission impossible for most.
We have created the “How To Protect Your Business Online” to assist business owners and managers to implement better security that might save them from disaster.
Doing business in the 21st Century requires an Internet connection and some type of online presence. The problem is going online for business exposes it to all the same dangers as private users, plus a number of additional threats associated with business. Most business owners or managers are too preoccupied with just keeping their business running and competing in an increasingly challenging environment.
A little knowledge and the ability to conduct at least a cursory audit of current security protection could save your business from disaster. The current level of ignorance and delegation to others that might be less than competent is a time bomb waiting to go off for many businesses.
Twenty years ago hackers and virus makers were computer nerds that enjoyed the challenge of breaking into people’s computer systems. Today they are professional criminals focused on breaking into systems for financial gain. Many have the backing of bigger criminal organizations which provide them with access to tools and resources that the nerds of twenty years ago could not have even dreamed of.
Malware is the toolkit of Cyber-criminals and the attacks they make are becoming increasingly sophisticated, employing multiple malware techniques with social engineering to create new hybrids that can evade detection by anti-malware protection and using multi-staged attacks. One seemingly innocuous attack can covertly open the door for another piece of malware to get in which can ultimately open the entire system to cyber-criminals.
Business in particular is the target for Cyber-criminals because company bank account balances tend to be much bigger than private accounts.
Anti-virus software and firewalls are necessary but limited and do not even address half of the online threats that businesses face today. Software solutions alone can’t protect your business online. There are many security threats you just need to be aware of and take some simple precautions.
Everyone is aware of the threat of malware infection email exposes a business to but, there is another danger if your business sends sensitive information via Internet email. Most will be surprised to learn that this is one of the most insecure systems they could use. The message is actually transmitted in unprotected plain text from your computer to the recipient via many other servers on the Internet and can easily be intercepted and read without your knowledge. If you believe some privacy advocates, all email is already being scanned and stored by the US government. Regardless of if you choose to believe this or not, doing so would be very easy as most email passes through government controlled servers. The point is, email is not secure.
Even if your Internet security is locked down from external attacks (most are not) there can be a danger from within. Employees often have a lot more access than their work actually requires and this increases the danger of disgruntled or ex-employees accessing and copying confidential company information and using it to the detriment of the company. This could be leaking highly embarrassing and damaging information. There is also the risk of industrial espionage and sabotage. How valuable is your information, especially intellectual property? An employee could spy on behalf of the competition or make subtle or not so subtle changes to computer records resulting in corruption.
We all know how much technology has changed in the past twenty years but we humans are often slow to adapt and keep up with the changes. Many business owners and managers probably still consider the risk of virus infection to be the main threat for computers going online. The virus has evolved into a large assortment of malicious techniques that a new blanket term, Malware, is now used that includes Viruses, Trojans, Worms, Rootkits, Spyware, Adware…and the virus is far from being the most dangerous of these.
Internet access is an integral part of many employees’ work and they could inadvertently be putting your business at risk. Producing Internet usage policies and guidelines may help but even if they are read you can’t be sure they are understood and followed.
How secure is your network from unauthorized external access? If you allow connections to the Internet then there is a potential for an intruder to get in. If a firewall and account access passwords are the only things between a hacker and your company data then you have a security problem. You need to think about better securing of important company data within your network. When thinking of data security you need to consider more than just access. Data integrity and recovery is also vitally important.
The use of mobile devices is on the increase and they are now being targeted by Cyber-criminals. As well as malware there is the threat of theft and any company data being compromised. Mobile computer users and people that take work home on notebooks can be another area of concern. Theft of notebooks and mobile devices is a constant risk. Do you know exactly what employees have on their notebooks and how secure it is? Do they use public wireless networks? These can be the least secure networks of all and more vulnerable to ease dropping using “packet sniffing” techniques.
An online presence has become an integral part of a business’s marketing strategy. Even if the business does not engage in e-commerce online, searches are increasingly the way people find your business. Many businesses have a website and have jumped on the Social Network bandwagon with Facebook, Twitter and others. It is important to manage your online presence and reputation. Do you know what is being said about you on the social networks? If you don’t then how can you defend yourself and correct any erroneous and sometimes malicious statements? It is also important to protect your business website from being hacked by keeping the software updated and plugging any security holes.