- Mike Burton
- Nov 22, 2014
How do you protect your Business from Hackers?
This is a question that faces all business owners regardless of the size of their business.
Unfortunately, it is a question that does not have a simple answer.
Generally speaking it is unlikely that all potential threats can be stopped and in some cases it is challenging to even know that some threats exist. For example; in recent months it was announced that Target, just one of many stores, was hacked and potentially millions of credit card numbers were stolen. It was weeks if not months before they found out that they had been hacked. This was a similar story for the CCRA when they announced earlier this year that they had been compromised by the heart bleed bug.
If your overall IT support is geared around optimizing security, the majority of threats that come your way can be stopped. The remaining threats are usually human error, as hackers tend to use social engineering tactics to get users to give them access. These threats can be reduced by educating staff on how to identify them.
Below are a few pillars to look at in your IT security foundation:
- A responsive, adaptive, and updated firewall with proven security features (we like SonicWALL). The key is in keeping the firewall updated and monitoring it.
- Deploy strong Patch Management practices. Ensure that all software (not just Microsoft) is updated as quickly as possible after patches are released. The increasing trend is for threats that expose vulnerabilities in programs like Adobe Reader, Flash, Java, and other common apps used by almost everyone on a daily basis.
- Use multiple forms of Antivirus and AntiSpyWare to thwart threats, again ensuring that updates and monitoring are happening.
- Local security configuration is important to ensure that open ports are secured on each and every device (switches, pos terminals, computers, printers, etc.) and local device firmware gets updated routinely. All devices can be accessible to hackers via exploits in device code as well as simple things like incorrectly configured computers.
- Use strong password policies. Password size, password complexity, and password expiry are key. Also it can be worthwhile to use 2-factor authentication to further enhance security.
- Monitor, Monitor, Monitor! All the settings, software and updates can be useless if there is no monitoring to see what happens. Nearly all devices have logs that can be filtered and alerted on for potential breaches.
Again, there is nothing that is 100% effective, however the majority of security issues are preventable with good overall IT security practices. IT Security needs to be a principle methodology within your business and for your IT Support provider.
For my team at Superion it is a fundamental service that we provide as part of our Managed IT Services and is one of our core competencies. We make it paramount to the design and maintenance of the networks we support. If you would like to know more about Superion and how we support your IT security needs, please email or call us today at 604.259.7647.