If you are in the mainstream position of not having a set IT security budget or dedicated staff to secure your data then you may find the following tips of interest.
As a small business, where do you start? Well, for most businesses there are two main ways your electronic data can be lost: hardware failure and virus infection. Hardware failure is difficult to predict, so a regular back up routine can really save you there. To protect yourself against viruses, you need to do two things: have a comprehensive anti-virus solution installed, and engage in user behavior that protects the security and integrity of your IT systems.
Virus writers evolving to cyber criminalsIts pretty common knowledge now that Virus writers have evolved from being little more than a group of vandals, maliciously destroying property for no real reason other than reputation, to organised groups of cyber criminals, whose intent is to make profit from illegal organised attacks on businesses through identity theft, theft of your login passwords, Denial of Service (DoS) attacks which target specific corporate websites and take them down and the creation of massive bot networks. This is done by remotely controlling your PC to launch spam from it. The criminals rent the networks of remotely controlled PC’s to launch massive spam attacks on behalf of dubious advertisers. We are seeing increasing cooperation between virus writers and spammers. They are even using social engineering techniques: I'm sure you've seen at least one legitimate looking email from a 'bank' asking you to click on a link to verify your online banking credentials (this is called 'phishing').
Protect yourselfRule number one - Don't open emails, and especially attachments, from people you don't know. Use a quality Server-side email scanning solution that scans and cleanses your email of any viruses that may be attached, before they ever reach your in-box.
Rule number two - If an email contains a link don’t click on it! Instead, copy or type the link into your browser rather than click on it - you're less likely to be redirected to a fake site.
Rule number three - Only download files from reputable, trusted sites. And forget all those free screensavers and wallpapers - it's not unusual for a nasty little Trojan or Spyware program to tag along for the ride.
A comprehensive anti-virus solution is one that covers all of your IT systems: your PC's, your servers, your gateways, your PDA's, your email. It should be updated frequently - more than once a day - with NEW virus definitions. It should be able to scan ALL of your computer system, not just a set of predefined file types. It should work automatically in the background. Remember that new viruses are being released every day, so it is imperative that your anti-virus solution has the latest virus definitions to remain effective. Kaspersky Labs update their virus definitions database every hour, and so all of their anti-virus solutions offer the best protection from even the newest viruses.