We live in an era of adware and spyware; worms, Trojans, viruses; botnets and zombies and the last thing you need is to have your business network infected—not to mention affected—by these digital parasites. Let’s face it, your information is your business. Your records, the information you store about your customers, it’s all valuable to someone out there and so protecting it should be one of your top priorities. Still, there are a handful of mistakes that you can identify and rectify today that will save you all kinds of grief tomorrow. To get you started on your own assessment, here are the things that Cisco Systems found when they asked: What are the common IT security mistakes businesses make?
Being too generous with wireless network access. OK, you want to be polite to visitors and free-handed to your staff, but wireless networks can be a dangerous thing. The ease with which they can be attacked should make you think twice about the uses your visitors and staff will be putting it to. Consider the following:
- Use a wireless entry point that supports Virtual Local Area Networks (VLANs) and create one for guests to use that offers only restricted access.
- Assign random passwords for guests and set them to expire at a specific time.
- Never broadcast your company SSIDs (Service Set Identifier, which is a token that identifies your network).
- Use the lowest power settings that are practical so others cannot access your network.
Expecting superhero performance from a familiar duo . Your firewall and your anti-virus software will not protect you from all of the dangers of the digital world. You need a layered defense for your network, the sort you can find in an integrated security appliance, so that if something does get through the firewall, for example, it will be stopped further on.
Letting employees connect too freely from home or the road. You might have a virtual Fortress of Solitude protecting your network, but when Bob from accounting logs in from the neighborhood coffee joint, he has a direct line in—and so does anyone or anything that may have intercepted and rerouted his signal. You can deal with this by setting up Secure Socket Layers (SSL) Virtual Private Networks (VPNs), which secure the user session without requiring software to be loaded onto the remote system.
Using “leaky pipes” to connect to other sites and partners. This goes back to the inherent security problems found in using the Internet. Here, again, VPNs set-up for those working from remote sites or for partners that need access to your network can be very useful. So can installing an intrusion prevention system, which will alert you to any suspicious activity on your network.
Being lured off-course by a “siren song.” Everyone, including me, has an opinion on network security, but the person you need to discuss your needs with is a professional in that field, a certified technology partner who has experience with the needs of small business and a proven track record. This person can help you find the best solution for your situation, keep the costs down, and develop solid IT policies for your company.
For more information on wireless network security issues, visit Wireless Safety.