Skip Links

5 security best practices for SMBs

By Jeff Vance, Network World
July 16, 2013 09:37 AM ET

Network World - If your small-to-midsized business is like most, you're playing a game of chicken with cyber-criminals. You probably know that your defenses probably aren’t able to repel today's sophisticated, persistent attacks, yet you hope that you'll be overlooked.

IT security is complex, and security professionals are mired in a nonstop arms race against cyber-criminals. It's easy to read headlines and think, "If the DoD can be penetrated, how am I going to ward off would be attackers?"

True enough, but there's an old security maxim to keep in mind: You don't have to have the most secure house on the block; you just have to have better security than your neighbors.

[ALSO: Hot security startups]

If you follow these five security best practices, if nothing else, you should be more secure than the majority of your SMB neighbors:

1. Be sure you've covered the security basics

You know that you should have antivirus and firewall protection on every computer in your company, and you know that you should train employees about safe email and web practices. However, have you verified that proper security tools are up to date? Have you verified that your employees understand the risks that come from clicking weird attachments?

According to the security and compliance team at System Experts, other security basics that you should be sure to follow include:

  • Be sure employees are given user-level, not administrator-level, credentials (but be sure at least one or two employees have admin-level access, of course).
  • Keep patches up to date, and enable auto-updates when possible. "Patch first, ask questions later," System Experts counsels.
  • Use a shared network drive to archive important data.
  • Educate employees on emerging threats, such as mobile malware and social media phishing.

2. Tame email

So many security problems start out with email. However, most phishing attacks can be cut off at the pass by good spam filtering tools. Not only is a spam often the key vector for malware, but it's also a bandwidth and storage hog.

If your email is hosted off-site, you can prevent much of this spam from ever reaching your internal corporate network by deploying gateway-based spam filtering. In the long run, this is more effective than desktop-based spam filtering.

For businesses on the small side of the SMB continuum, desktop spam filtering is always an option. Or a cheap workaround is to forward emails to Gmail, which uses Postini, to filter out the dreck. Making this manageable really involves giving each employee two email boxes (a headache, obviously, but if you're doing this on the cheap, you can't really complain much). Mail is delivered to first in-box, which then forwards it to Gmail for cleaning, and then you just set up Gmail to forward it back to a second address – or you can rely on Gmail as your second email address, since you can set Gmail to reply with your corporate email address.

Aggressively removing spam will eliminate many potential threats. Now, figure out how you're going to do it.

Our Commenting Policies
Latest News
rssRss Feed
View more Latest News