In the 1995 film "Hackers" the lead character downloads sensitive information to a floppy disk. Today, of course, advances in technology have yielded equally advanced security threats. Consider news reports in the past year about computers compromised by botnets. Businesses face daily threats from these and other cybersecurity dangers that are further enhanced by increased reliance on new business communications and computing tools.
While most business owners understand e-mail is key to the success of their business, their networks are more vulnerable than ever to the proliferation of increasingly sophisticated e-mail viruses and spam. According to Gartner, 90% of all viruses and worms enter organizations via e-mail. Most of these threats stem from external sources, but IT professionals should not overlook the threats insiders pose - either intentional or accidental.
Large organizations possess the resources to proactively assess and avoid many threats, but countless small- and midsized businesses (SMBs) are finding it increasingly difficult to protect their information assets. Unfortunately, conventional firewall/antivirus solutions are no longer sufficient to protect against all the threats. Effective security solutions must continually evolve to incorporate advanced technologies and security-conscious business practices. So what can be done to tighten the security around your business?
New threats
While few brand new threats have surfaced recently, the number of cybersecurity attacks has increased. The threats grow more sophisticated and more difficult to battle each year. With the rise of social media, mobile workforces and Web applications, companies are not only being attacked more frequently and efficiently, but from a variety of different vectors.
As a result, patches and downloads are unable to keep up with cyber criminal activities, and some of the most current threats have penetrated even well-defended networks within as little as two hours of the first attack.
Many targeted e-mail attacks, often referred to as "spear phishing," exploit end-user vulnerabilities in commonly used programs. This is the primary, early infection method used to compromise computers with Internet access. Attackers also exploit these end-user vulnerabilities when users visit infected Web sites.
Another growing concern is attacks via various Web applications which, as of 2009, constituted over 60% of the total attempted attacks observed on the Internet, according to the SANS Institute. Often, hackers exploit vulnerabilities in trusted Web sites, converting those pages into malicious sites capable of spreading threats quickly. Unfortunately, many site owners fail to scan effectively for the common flaws that make this strategy possible, leaving security responsibility to end-users who visit the site expecting a safe experience. These Internet-based threats have increased in correlation with the rising popularity of social network sites, which many use to promote the services of SMBs.
SMBs understand the importance of implementing countermeasures to mitigate the effects of external threats, but security is a two-way problem - data leaving the organization can be as harmful as what comes in. For example, highly regulated organizations, such as financial institutions and healthcare providers, or those who contract with them, face legal liabilities if employees send out sensitive client or patient information. Increasingly sophisticated portable storage devices present another concern. With these devices, employees can unknowingly transport information assets, viruses, botnets and malware across multiple computers and into the office, exposing your business to even more security breaches.
Best practices to protect your business
The best practices below can help SMBs keep pace with evolving security threats. Though they may lack the resources of larger businesses, SMBs can work toward better security by doing the following:
Engage with other SMBs to determine what is and isn't working for them - borrow what's worked and avoid the missteps.
Conduct a cybersecurity risk assessment, readily available from reliable security providers. Identify, classify and locate your key information assets and create a strategy for what needs to happen should those assets fall under attack. Knowing what is in your network is critical to protection.
Increase your use of e-mail content filtering by selecting a program that gives you the ability to block discrete attachments based on content, both inbound and outbound.
Simplify security for end-users - lessening complexity in the security process increases end-user inclination to follow protocol correctly and consistently.
Keep systems updated/patched - this includes operating systems as well as applications.
Use business assets - such as company laptops and other equipment - for business alone. Combined with an effective internal security policy - and enforcement of that policy - this can reduce internal risk levels.
Regularly run network audits to stay on top of log files, abnormal traffic and other tell-tale signs of infection.
Develop and socialize policies and controls around what information can be stored on user desktops and laptops, and for how long, to ensure important data gets to storage devices that you can control and protect.
Empower your network administrators to enforce your security policies, but be sure you are giving them the tools to do so.
Don't lose sight of the big picture. Stay tuned to how threats and anti-threat solutions are evolving, identify issues before they turn into problem areas and proactively take the steps to guard against them.
Maintain ongoing awareness programs to make network users aware of new threats; for some threats, the best defenses are user understanding and safe practices.
The list of security threats plaguing today's businesses is never ending, and many organizations are hard-pressed to keep apprised of the latest vulnerabilities, let alone respond to them. With limited resources, SMBs must work especially hard to protect themselves. Using these tactics can help you reduce both internal and external data threats, and can help keep your data and, by extension, your business, safe and secure.