For small and medium enterprises (SMEs), the Internet and computers have a love-hate relationship with SME owners. Technology is absolutely necessary to maintain a competitive advantage, but at the same time, it has shown the world its dark side.
The good news is that technology use in business is, and can be, alive and well for today`s SME, no matter which industry it is in. The bad news is that security is not getting enough attention. It`s actually simpler to be secure than it is often made out to be.
In this series of Industry Insights, I will point out 12 practical and affordable strategies and tips to ensure SME safety. Security is such a broad topic that there is no article, chapter or even an entire book that can cover all aspects of digital security. However, implementing these steps with the possible help of the SME`s favourite IT supplier will ensure it does not fall victim to the vast majority of business technology security issues we all face.
Today`s three points focus on some basic infrastructure elements. In the same way that a good foundation is required for a long-lasting brick-and-mortar building, it is important to have the proper technology foundation laid first.
1) Use a good router. Some folks may think that a router is a router is a router. Not so. There are the consumer brands such as Linksys, D-Link, Netgear, etc, that small businesses often use. However, to be able to apply additional controls, which in turn disable vulnerabilities from being exploited, a business-grade router with good support services is essential. For a small business, such a router should cost between R3 500 and R10 500, depending on its capabilities.
An alternative choice is to use a Linux or BSD-based computer as a firewall or router. However, SMEs should use a PC with few or no moving parts in order to minimise service requirements.
2) Implement a reverse firewall. All consumer routers offer some protection, but that is more of a by-product to the Internet-sharing capabilities it has (called NAT, or Network Address Translation). These same routers have few capabilities in terms of limiting outbound access. With a reverse firewall, simple rules can be established that allow virtually unlimited configurations to be setup. For example: SMTP is a protocol that sends e-mail. An all-too-common occurrence is that hackers compromise computers in order to send out spam. Blocking outbound SMTP traffic to any destination can save SMEs from participating in the sending of junk e-mail. Most ISPs have more robust mail systems than a small business, and they are also on `static` IP ranges, so the chances of successful mail delivery are much higher.
It`s actually simpler to be secure than it is often made out to be.
David Redekop, co-founder of Nerds On Site.
Many Trojans that open up so-called "backdoors" work by making an outbound connection, which are often unrestricted. The most famous story of this happening goes back some years when an AOL customer (a hacker) socially-engineered an AOL support person to open up a screensaver file. Screensavers contain executable code, meaning they can secretly do things other than displaying the screensaver. In this case, the hacker was able to compromise a large number of AOL usernames and passwords. This particular attack, as well as many other backdoors that work in this manner, are prevented from carrying out their duty when a proper reverse firewall is in place. Note that even if the system is infected with such a backdoor, the backdoor never becomes available to the attacker.
3) Maintain Windows Update up-to-date. This can be done in several ways, either on a computer-by-computer basis, or by utilising WSUS (Windows Server Update Services) which is run on Microsoft Windows Server and can better manage a group of Windows workstations and their update schedules. On occasion, new problems have been introduced with updates. Generally speaking, however, it is safer to remain up-to-date.
It is also worth mentioning that as businesses introduce other operating systems such as MacOS or Ubuntu Linux, those environments are just as important to keep up-to-date.
In the next three Industry Insights, I will write about preventive measures and ongoing security strategies to keep SMEs safe from the digital gremlins out there, allowing companies to focus on core competencies, rather than being concerned about security.
* David Redekop is co-founder of Nerds On Site.
Share