One of the largest challenges facing small and medium-sized businesses in the UK is IT security. As a business becomes increasingly reliant on the data on its systems, it faces ever-increasing threats to the network and data integrity.
How do you ‘shut the door' to your PC network?
Simple steps will effectively reduce the risk to an acceptable level - all firms want to protect data and limit risk without spending large amounts of money.
IT systems use a multi layered approach to ensure security, similar to methods used in banks. When it comes to protecting the money, banks place their highest security closest to the actual money, together with the front of house security. This multi layered approach allows and encourages normal people into the bank, but in turn discourages the robber with a difficult path to the money.
So how does this really translate from IT speak into the real world? This will be answered by first looking at email; we all use it, so it is vital steps are taken to ensure the emails we receive are safe and relevant to our business.
Spam
Businesses need a device or a service from a provider that "cleans" emails of spam, and removes viruses at the same time, ensuring what is received in your inbox is relevant.
These systems aren't 100% perfect, therefore any system implemented must be able to learn and needs to be simple to use/administer. We need to extend this protection to the actual PC as another layer in the form of a suite of software that blocks and inhibits spyware, viruses, etc.
This software needs to be adaptive to the threats and to talk to a central system with status information. Security doesn't end there; your business almost certaintly has internet access at work, so we must take steps to protect our computer network and its data from the outside electronic world.
Firewalls
Firewalls are a device that stop the Internet from getting inside your computer network. These devices vary considerably in features and price and one size does not fit all.
Best practise would dictate a relatively simple (fast) device is placed closest to the internet to undertake simple security blocking tasks, then closer to the users you would place a more complex device that can undertake a very fine inspection of information flowing in.
These complex devices can also inspect/block what is going out from your network, which can be a useful productivity and security tool if your staff are surfing the Internet and looking at potentially unsafe web sites. These devices and ideas are the starting point of formulating an IT security plan and policy, although each business is unique and each requirement and its solution is different from the next.
Are the risks real?
Yes they are. The use of professionally written, intelligent and well executed viral code is becoming widespread.
Infections today are less openly destructive than they used to be as the writers now know that they can extract useful and valuable data that has a financial worth, like credit card details.
These attacks are not just limited to small time ad-hoc efforts; they can be streamlined targeted affairs for a particular purpose. This type of criminal activity is rapidly becoming mainstream; the number of detected viruses over the past two years is almost equal to all the viruses detected since they started recording such information!
The approach above is typically through email or web sites but we haven't mentioned direct attacks i.e. "Hacking". People try and exploit security weaknesses in your Firewall, computers or even people - your firm could be attacked through a home worker who's PC is unchecked and insecure. There must be many security hurdles in place to thwart a determined hacker from gaining access to your network.
To put matters in to perspective, it is all about what risk your business is willing to accept. This answer, alongside your business type and what you do for a business, will help determine the solution.
For more information go to www.axon-it.com