It’s difficult to ignore widespread media coverage of highly publicized cyber-attacks targeting large companies like Sony, Ashley Madison and even the US government.
But it’s not only large organizations at risk; small and medium sized businesses are also vulnerable.
In fact, recent statistics indicate more than 75% of companies are likely to become a target at some point in time.
The scale and intensity of recent cyber-attacks should serve as a warning to organizations that it is no longer enough to rely on antivirus software for protection, as so many businesses still do.
Instead, companies need to implement a layered security system that provides in-depth protection against attacks.
A layered security system provides several layers of security that together; make it more difficult for hackers to penetrate a network. If one security measure fails, the next will prevent the intrusion.
Now more than ever, antivirus software is a critical part of any business network. Top antivirus companies work hard to identify new viruses as quickly as possible and keep their software up-to-date. Since some antivirus programs are superior to others, it’s important to select an antivirus program with a good reputation and avoid freebies at all cost.
Ideally, you should have two levels of antivirus protection.
First, install software on your email server or incoming mail router to catch email viruses sent to the company.
Next, each PC should have its own antivirus installed to catch malware that might slip through the first level of protection. (This also guards against viruses on USB sticks and external hard drives.)
If you allow mobile devices on your network, they too must have antivirus software in place. Regardless of what antivirus software you use, ALWAYS ensure it is up-to-date.
A business network would not be complete without a firewall. It may be included in your antivirus software or the firewall might be separate.
Firewalls prevent hackers and anyone who isn’t authorized from signing onto your network. They are configured to allow certain types of internet traffic while excluding others.
Often, firewall configuration is quite complex and it’s a good idea to have your settings checked by an IT specialist.
A firewall should exist at every access point to your network, including all personal computers. When a file is sent through the internet, it’s automatically broken up into small pieces called packets. Each packet has an identification number. The packet records where it is from and where it is going.
With this information, a special function known as a packet filter can prevent the receipt or transmission of data from unknown or insecure IP addresses.
Computer operating systems are complicated, and hackers continuously find new ways to break through their security systems. This is why big software companies like Microsoft and Apple regularly release important security updates. When an update is released, it’s best practice to install these software updates as soon as possible to reduce the risk of a cyber-attack.
For this reason (and many others), businesses should move away from older operating systems like Windows XP, due to their many vulnerabilities and lack of support. Additionally, it’s important to remove old software no longer in use, since hackers can more easily hack into unsupported software.
Most businesses use an internal local area network (LAN) to connect users to their main servers. If users have unlimited internet access, the entire system is open to an attack. One way to prevent this is to have a separate secure network specifically for servers and services that access the internet. This is known as a DMZ network.
A DMZ network allows different rules to be applied for internet traffic and as a result, protects the less secure internal LAN from attack.
Network security can be strengthened by adopting something called “the principle of least privilege”. This means access to different systems is only granted to those who need access, based on their IP address or sign in.
A hacker will often modify a file or commonly used piece of software in order to hack into a company’s network. One way of detecting such efforts is to look at the file’s checksum – a long digital number automatically generated from the contents of the file.
Each distinct file has its own checksum that is used to ensure the file hasn’t become corrupted while being sent from one computer to another. If the file has been hacked, its checksum changes, making it easy to identify that something is wrong.
In practice, the checksum of commonly used software files is verified and allowed into the system. Similarly, known malware is identified by its unique checksum – and excluded. Any files with unknown or suspicious checksums can be isolated for verification and removed to prevent them from entering the business network.
There are several important areas of network security to cover:
Despite using state-of-the-art network security systems, it’s possible your network will experience an attack at some point in time. If this happens, you need to be able to detect the intrusion quickly so you can take remedial action to shut down the attacker and protect your network.
One way of detecting a successful attack is to watch out for unusual internet traffic. This may indicate the transfer of stolen data. Fortunately, routers and firewalls log all internet traffic. These logs record the size of each file, where it came from and the IP address it was sent to. Logs are then automatically analyzed, compared with normal internet traffic and any unusual data transfer is flagged and blocked.
Is your Milwaukee area business network missing one or more of these important security solutions? There is no better time than now to strengthen the security of your network and close loopholes before a hacker finds them first.
Apart from the embarrassment of losing sensitive customer data, you could suffer serious financial losses and ruin your company’s reputation.
A security risk assessment is a great way to identify your network security needs. Not only can you identify the threats facing your business, but you can also understand the consequences of a successful cyber-attack.
With this information in hand, you can prioritize what steps to take, define an action plan and tackle the most critical vulnerabilities first.
Contact us today for a security check-up for your business. We’ll provide recommendations to close loopholes and ensure your network remains safe and secure.
This network security assessment can be done once or twice a year, to monitor your ever-changing IT requirements and changes in technology.
Contact our office for details at (262) 522-8560 or send us a request online.