Back in the day, a good antivirus product was all that a small business needed to protect its network. Patches consisted of mostly bug fixes, and the Internet was relatively safe. When high-speed Internet entered the picture, it changed everything. Back in the days of dial up, the bandwidth that would provide a cybercriminal with decent access to a business’s network quite literally did not exist. Furthermore, the connection wasn’t 24/7. Unlike today, users connected to the Internet to do whatever tasks they needed to do, then logged off so someone could use the phone line to make a call. There was no need for networks to have layered security.
But that was 20 years ago, and a lot has changed since then.
The Not-So-Secret Downfall of High-Speed Internet
Today, every computer connects to high-speed Internet, 24/7. While this 24/7 access has opened up many opportunities for individuals and businesses alike, it has also paved the way for cybercriminals to have access to unprotected machines all over the world.
It’s safe to say that high-speed Internet isn’t going anywhere, so how are small businesses supposed to protect their data? An antivirus program is a great place to start, but that alone is not enough. This is because it is a reactive defense rather than a proactive one. Antivirus protects you only after you’ve been infected—wait, WHAT! That’s right. If you’re lucky, it will catch the virus before it has a chance to do anything, but more often than not, antivirus programs only detect a malicious program after it’s done the damage. In these scenarios, you are forced into cleanup mode, where you will likely be looking for the most recent backup of your data.
What we have learned in recent years is that cybercriminals tend to target operating system and third-party software vulnerabilities. This means that patch management has gone from an optional method of keeping up with the latest fixes to a necessary (and more often legally required) proactive security measure for small businesses.
Simply put, if you have a network, you have to patch. Patching is no longer a suggested recommendation. It is a necessity, and it has become a full-time job.
Be cyber aware. Not all the sites out there are friendly. Cybercriminals know that users will be drawn to anything that is free, so they design websites to lure unsuspecting users into a place where their machines can be compromised for data or even taken over, as in the case of a botnet. While the user feels they are lucking out watching their favorite show or sports game for free, behind the scenes there could very well be compromising software installed, waiting to be fired up and used at the right time. Be aware of sites that seem too good to be true—most often, they are.
Protect Your Data with Layered Security
Today, a layered security approach is the absolute best way for small businesses to secure and protect their information. What does that look like?
First Layer: Firewall
You can think of a firewall as a traffic guard. Firewalls monitor incoming and outgoing network activity and determine who can enter or not. An industrial-grade firewall should be your very first layer of security. Standard home routers that you can purchase at major electronic stores do not provide the protection that businesses need from advanced external attacks. For maximum security, we recommend having a firewall with both IPS (intrusion prevention system) and IDS (intrusion detection systems). Gateway antivirus and antimalware should also be included on the firewall.
Second Layer: Antivirus
What was once the first and only layer has now become the reactive security layer. This defense kicks in if a criminal has managed to get past the first two layers. As we mentioned before, if this is your only layer of defense, it is critical that you strengthen your defenses.
Third Layer: Web Filtering
The web filtering layer will help prevent users from going to compromised or fraudulent sites. Now, you may have a device that already does this, and that is great. However, keep in mind that one infected remote user can unknowingly smuggle in something that can infect your whole network. You must be able to apply the same filtering to every device, no matter whose or where it is.
Fourth Layer: Patch Management
All the security software in the world won’t help you if an attacker is able to take control of your OS or browser based on a vulnerability. Patching on a monthly basis is absolutely essential.
Unfortunately, cybercriminals today have the world at their doorstep, and too many businesses are not taking this layered approach with their networks. Cybercriminals are looking for quick and easy access to private information, and oftentimes, it isn’t hard to come by. If they have to put any effort into breaking down your defenses, there is a good chance that they will move on to easier targets. Covering the four layers mentioned here makes you far less attractive to them.
Cardinal Technology Solutions provides the best proactive layered security and disaster recovery for small businesses in Winchester, Virginia and the surrounding areas. Our services include web filtering, scheduled patch management, and anti-virus/malware scanners. Don’t be the low hanging fruit—keep your users and your business protected. Contact us today to find out how we can help you stay productive and safe.