Small-business network security 101
- — 02 July, 2009 05:17
Today more than ever, good network security is vital to businesses of all sizes. Cybercriminals, equipped with sophisticated software that automates the task of seeking out vulnerabilities, aren't focusing on large enterprises alone; any easy target will do. Fortunately, however, good security isn't as expensive or as complicated to implement as it used to be.
Technology for protecting valuable data from prying eyes, warding off malware, managing spam, or empowering employees to work remotely and securely is now bundled in routers at prices that most organizations should be able to afford. Though consumer routers offer some of these protections, you don't have to spend a lot more for business-class alternatives that provide more-robust defenses and, typically, features that consumer products simply don't offer.
Attending to the Basics for Free
Small businesses must cope with the same Internet security threats as larger companies do, but usually without the same budget and manpower. And in recent years, the threats have diversified and become more subtle: Whereas several years ago, you worried that a hacker or virus would crash your computers, now you may never even realize that your network has been compromised until real economic damage has been done. For example, your data may be lost or held hostage; you, your colleagues, and/or your customers may fall victim to identity theft; or your computers may be used to distribute spam or malware.
Of course, once your business grows to a certain size--100 to 200 staffers or more--you're best off putting security in the hands of a pro, typically an independent contractor or a reseller. But if you're handling security for a workgroup or a smaller business and money is tight, you can develop and implement your own security policy. This doesn't cost a dime, and it can be very effective if you put in the required effort--but make no mistake, effort is involved. Nobody likes to change passwords every month, perform regular backups, and check for software updates, but tending to these chores can help minimize your risk.
Security organizations offer how-to guides that can get you going. For example, the Internet Security Alliance makes its "Common Sense Guide to Cyber Security for Small Businesses" available as a free download to registered users; you can read some of its contents in the SANS (SysAdmin, Audit, Network, Security) Institute's "Network Security and the SMB" paper.
The guides have similar checklists with instructions that you've probably seen before, but the major ones bear repeating:
Also included are items that you don't hear about as often but can also help to plug security holes:
The router that connects your network to the outside world is the primary line of defense, and ordinarily it has its own firewall; current consumer routers typically have other security features, too, so you should read the manual to see which ones your router offers. One important step that many otherwise savvy users often neglect is to change the default administrative log-in settings so that an outsider can't easily alter all of the other settings. (Router vendors tend to use the same default settings for all their products.)