Security is sometimes an afterthought for many small businesses, and often never considered at all. You often hear from small businesses (and even some IT providers) something along the lines of “we have Windows Defender, what more do we need?”. While client-based anti-virus is important, it’s really just one small piece of the security puzzle.
The analogy often used for IT security is “layers of an onion”. Just a single layer isn’t sufficient – each layer should be peeled back to reveal another layer of protection. The more layers the better, and client-based anti-virus is a single layer of that onion. In this blog we’ll discuss some additional security layers that are available to small businesses to increase their security posture. This list is not all-inclusive by any means, but focuses on security tools that can be easily and inexpensively implemented in addition to client-based anti-virus.
Unified Threat Management
Unified Threat Management (UTM) usually consists of a small security appliance that sits on the border of your company network. Depending on the feature set, the UTM will contain a variety of security tools which can include a firewall, anti-virus/malware, anti-spam, intrusion detection, content filtering, etc. It’s an all-in-one solution that acts as the first line of defense for traffic entering your network. While feature-rich, it is a single point of failure, and therefore should not be the sole layer.
Virtual Private Network
For those who require remote access to their office networks, or have employees who work remotely, a Virtual Private Network (VPN) is a secure way to do so. All too often you see small businesses with their systems open directly to the internet, leaving themselves vulnerable to attacks and data theft or compromise. A VPN creates a secure encrypted tunnel between your remote users and your network. This encryption becomes especially imperative when users are connecting from unprotected public WiFi access points.
Already mentioned above as a feature of some UTMs, spam filtering is another easy and inexpensive security layer. While spam itself by definition isn’t necessarily a security threat, spam emails can contain links to threats such as malware, phishing attempts, ransomware, etc. One wrong click by an employee can render an entire network useless. Spam filtering will prevent unwanted emails from getting through to employee mailboxes, which in turn lowers threat risk.
Web filtering is the web equivalent of spam filtering. Utilizing a database of known “risky” websites, the web filter denies access to websites that could potentially be a threat to your network and data. Web filters are usually DNS-based, which means a simple configuration change is all it takes to enable this layer of security.
The most inexpensive security tool of all, and one of the most effective, is user education. Many threats can be avoided simply by educating your employees on what they should be looking out for when it comes to threats in email or on the web. Having an IT security policy, as well as continuous training for employees on the various threats that are targeting them, can help significantly lower your risk of attack or infection.
When choosing an IT provider, it’s important that the provider has experience in security and protection of your network and assets. It’s very easy for an IT provider to ignore security best practices, thus increasing risk to your business, likely without you even knowing it.
Small businesses need to take security seriously, as the number of threats is increasing by the day. If you haven’t already experienced a security incident, it’s very likely that you will in the future. While there’s no way to 100% protect your business against these threats, an experienced IT service provider can help you develop a plan to implement measures to lower your risk, potentially preventing catastrophic breaches or attacks.