Get tough with your users to protect your network

Your company's biggest security threat is likely on your payroll. Here's how to keep workers from destroying your business

No one likes to be hated, but if you're running a small business, sometimes you've got to take security measures that will make your employees really angry. You might even have to (gasp) pull some PCs off the Internet, and treat some employees like, well, children.

Here's why:

No matter how hard you work, no matter how many security programs you install, the biggest threat doesn't come from outside the firewall. And it isn't from unpatched software and it doesn't come from buffer overflows, etc. Your own users are your biggest, albeit unwitting, enemy.

"If all software had 0 exploits, it wouldn't drastically change the amount of successful hacking," says security Roger Grimes, a security pro and columnist. It's because the bad guys have elevated social engineering, the hack that takes advantage of a user's greed, lust or simply naivety, to open the gates to malware.

[Antivirus software and a firewall alone can't guarantee your safety. Here's how to foil the latest crop of sneaky attacks and nefarious attempts to steal your data.]

Grimes may be overstating the case a bit. Software exploits are serious and ever present.

But the modern hacker who wants to gain access to data that can be sold, knows that users can be tricked onto sites that are seeded with malware, says David Perry, global director of education for Trend Micro, whose global array of sensors (and information exchanges with other security vendors and customers) now detects an astonishing 100,000 samples of new malware a day.

And don't think that all sites infected with malware are XXX rated. By the beginning of 2009, the majority of poisoned sites were mainstream. In a typical attack, users of FoxNews.com were told they needed to install a new codec to watch clips on the site. Once installed, the "codec" was a malicious piece of code undetected by most defenses, Grimes recounts.

What you can do to secure your network

Perry suggests some distinctly unpleasant remedies for the small business.

The most draconian applies to computers that hold customer data, particularly credit card information. "If possible, take them off the Web," he says. Files don't have to be e-mailed internally. Assuming you've got a network, simply drag files from one directory to another without a browser.

Without being patronizing, employees need to be treated with some of the same concerns you might have for your children. You know the drill; tell them going to porn and gambling sites and so on will get them in serious trouble. Since they are adults, you might set up a PC in the break room that has Web access but is not on your network. They may waste time on it, but it won't endanger your firm's security.

You've got to be in control of your network. Trend Micro's Internet Security Package, for example, let's you set security policies for every computer on your network with a simple stratagem: Install the product on PCs that need to be protected and when the program asks for a password, give each PC the same one. (To be clear, we don't mean a network password, but a password to the security program.)

When that's accomplished, one person can block sites and set security policies for all PCs running the program. And if your employees don't know the password -- and they shouldn't -- they can't change the policies.

Your employees may get angry, but your business will be a lot safer. And that's a worthwhile tradeoff.

San Francisco journalist Bill Snyder writes frequently about business and technology. He welcomes your comments and suggestions. Reach him at bill.snyder@sbcglobal.net.

Join the Good Gear Guide newsletter!

Error: Please check your email address.

Struggling for Christmas presents this year? Check out our Christmas Gift Guide for some top tech suggestions and more.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Bill Snyder

PC World (US online)

Most Popular Reviews

Follow Us

Best Deals on GoodGearGuide

Shopping.com

Latest News Articles

Resources

GGG Evaluation Team

Kathy Cassidy

STYLISTIC Q702

First impression on unpacking the Q702 test unit was the solid feel and clean, minimalist styling.

Anthony Grifoni

STYLISTIC Q572

For work use, Microsoft Word and Excel programs pre-installed on the device are adequate for preparing short documents.

Steph Mundell

LIFEBOOK UH574

The Fujitsu LifeBook UH574 allowed for great mobility without being obnoxiously heavy or clunky. Its twelve hours of battery life did not disappoint.

Andrew Mitsi

STYLISTIC Q702

The screen was particularly good. It is bright and visible from most angles, however heat is an issue, particularly around the Windows button on the front, and on the back where the battery housing is located.

Simon Harriott

STYLISTIC Q702

My first impression after unboxing the Q702 is that it is a nice looking unit. Styling is somewhat minimalist but very effective. The tablet part, once detached, has a nice weight, and no buttons or switches are located in awkward or intrusive positions.

Latest Jobs

Shopping.com

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?