Today more than ever, good network security is vital to businesses of all sizes. Cybercriminals, equipped with sophisticated software that automates the task of seeking out vulnerabilities, aren’t focusing on large enterprises alone; any easy target will do. Fortunately, however, good security isn’t as expensive or as complicated to implement as it used to be.
Attending to the Basics for Free
Small businesses must cope with the same Internet security threats as larger companies do, but usually without the same budget and manpower. And in recent years, the threats have diversified and become more subtle: Whereas several years ago, you worried that a hacker or virus would crash your computers, now you may never even realize that your network has been compromised until real economic damage has been done. For example, your data may be lost or held hostage; you, your colleagues, and/or your customers may fall victim to identity theft; or your computers may be used to distribute spam or malware.
Of course, once your business grows to a certain size (100 to 200 staffers or more), you’re best off putting security in the hands of a pro, typically an independent contractor or a reseller. But if you’re handling security for a workgroup or a smaller business and money is tight, you can develop and implement your own security policy. This doesn’t cost a dime, and it can be very effective if you put in the required effort, but make no mistake, effort is involved. Nobody likes to change passwords every month, perform regular backups, and check for software updates, but tending to these chores can help minimize your risk.
Security organizations offer how-to guides that can get you going. For example, the Internet Security Alliance makes its “Common Sense Guide to Cyber Security for Small Businesses” available as a free download to registered users; you can read some of its contents in the SANS (SysAdmin, Audit, Network, Security) Institute’s “Network Security and the SMB” paper.
The guides have similar checklists with instructions that you’ve probably seen before, but the major ones bear repeating:
- Protect user accounts with strong passwords and change them regularly.
- Scrutinize e-mail attachments and links.
- Install and regularly update antivirus and antispyware software.
- Keep your operating system and applications current and patched.
- Set up and use a firewall.
Also included are items that you don’t hear about as often but can also help to plug security holes:
- Remove unused user accounts and software.
- Regularly back up key data.
- Implement network access security.
- Limit access to sensitive information.
If you’re using Wi-Fi, it’s time to bite the bullet and use the best encryption available, WPA2. If you’re hanging on to a laptop that doesn’t support WPA2, either upgrade to one that does or resign yourself to disabling Wi-Fi completely and using a wired hookup. The same goes for smartphones: Current and recently issued handsets (including the iPhone) support WPA2, and you should abandon Wi-Fi on older handsets that don’t.
Moving Up to Business Class
The All-in-One Approach
Routers that do address the entire range of business security needs are known as unified threat management (UTM) appliances (see our detailed examination of UTM features from last year). Typically they involve subscriptions on top of the base price to pay for updates to the antivirus/antispyware/antispam software, and for many such offerings the fees are based on the number of users or connections supported. (Even if no user fees are involved, you should check on the number of users the device is designed to support: Exceeding that number can result in significant network slowdowns.)
You may be wondering why you need a UTM when your business PCs already have antivirus and antispyware software. Security experts say that the additional layer of protection at the network level can make a real difference, especially if the antimalware programs on your client PCs and on the UTM appliance come from different vendors. You should confirm which third-party software vendors an appliance manufacturer has partnered with; most depend on established antivirus, antispam, and/or antispyware products.
A Wealth of Security Choices
The UTM category is exploding, with offerings from home and small-business networking companies such as D-Link and Netgear, networking giants such as Cisco, and companies that are well known for their enterprise-class security appliances and software, such as Check Point and SonicWall. Most of these companies have a range of products that a growing business can step up through.
The pricier the device, the more complicated it will be to set up. Typically vendors will provide links to a network of professional resellers. Again, larger workgroups or medium-size businesses will probably find working with a security professional more efficient, but the tech-savvy user at smaller outfits or workgroups can usually buy these appliances directly from big online retailers such as CDW, NewEgg, or PC Connection. You’ll have to determine whether it makes more sense to pay a pro or to spend your own time on setup.
For more, watch the PC World video, “Small Business Network Security.”