1.Your employees are your biggest risk and asset.
WebSense, a web and email filtering company, indicates 80% of all security breach incidents occur from within an organization.
2.There is no fool-proof method to ensure total security without unplugging your connection to the internet.
Given the frequency with which new viruses are introduced, it seems impossible to keep up 100%. Here are some recent statistics from Websense that show the severity of web threats.
a.85.6 percent of all unwanted emails in circulation contained links to spam sites and/or malicious web sites
b.77 percent of Web sites with malicious code are compromised legitimate sites
c.95 percent of the of user-generated comments to blogs, chat rooms, and message boards are spam or malicious
So what can you do? The important thing is to have a plan in place for dealing with them.
3.Back to the basics: What every small business should have for a more secure network.
a.Passwords that change on a regular basis and are not intuitive.
The National Cyber Security Alliance recommends using hard-to-guess passwords that are at least eight characters long and mix upper case, lower case and numbers. Don’t share your password with anyone and change it at least every 90 days.
b.Up-to-date anti-virus software on all workstations and servers.
Since new viruses are created every day, it is essential to have anti-virus software that can be updated regularly to protect against the latest threats, preferably automatically updated to every workstation from your server.
c.Firewall with strong traffic policies to prohibit and allow communication.
Firewalls provide protection between your computer and the world. They filter and block potentially dangerous and unauthorized data from the Internet and also let “good” data reach your computer. There are two types of firewalls: software and hardware. Software firewalls run on individual computers while hardware firewalls protect several computers at once. The size and needs of your company determines whether you choose one or both.
d.Email anti-virus and spam filters.
Using filters to intercept email viruses and spam is an important way to protect your network. There are two types of email viruses: those that are enabled when opening an email attachment (i.e. the LoveLetter virus in 2000) and those that run automatically regardless of an attachment (such as the Nimda virus). An email anti-virus filter will catch incoming messages that contain viruses and stop them in their tracks. Typically you will receive an email notification to let you know that a virus was detected and quarantined.
e.Anti-Spyware Technology
Spyware, as defined by CRMtech.com, is “any technology that aids in gathering information about a person or organization without their knowledge. On the Internet (where it is sometimes called a spybot or tracking software), spyware is programming that is put in someone’s computer to secretly gather information about the user and relay it to advertisers or other interested parties. Spyware can get in a computer as a software virus or as the result of installing a new program.” It basically gives advertisers information about your web surfing habits so they can target you for particular products. Anti-spyware is software or technology that disables spyware so you can regain your privacy.
Conclusion:
Keeping data safe is an ongoing concern, one that has plagued internet users since the advent of email allowed us to quickly and easily transmit information. While there are many different ways of protecting data, password protection is by far the most common. However, it is not nearly as secure as having the documents properly encrypted so that they may not be read by prying eyes.
For anyone seeking to get classified or even sensitive data being sent internally from a company, finding a way to hack a simple password lock on a document is not a major challenge. If the person or entity has experience it would be a matter of minutes, if not seconds, to get into a so called protected document that has a simple password. This scenario is nightmarish for companies that deal in sensitive financial or other information that they cannot afford to have compromised due to a simple email slip.
Luckily there are several excellent encryption software programs that are no available on the market place, which are neither very expensive nor very hard to use. Most include drag and drop or simple add options that would be very easy to train a staff in using. Similarly most have a varying level of encryption options and require the same software to be on both computers, the sender and the receiver, in order to decrypt the documents being shared.
Some excellent examples of software that is available are:
- Encrypt Files: Which looks and feels a little more cumbersome than it actually is, and is relatively user friendly
- dsCrypt: Provides a very easy to use and learn drag and drop method of encrypting files.
- MEO Encryption: This software is excellent for email users and allows the user to create executable files that will self extract on decryption.
There are a plethora of choices out there when it comes to internet security and encryption, making choosing the right software relatively harder than necessary. If in doubt, always consult with a technician or local IT professional giving them all the requirements and capabilities that you are looking for and getting expert guidance.
