With Doug Potts, system engineer at the Chicago office of direct vendor CDW Corp.
- INTERNAL HACKERS
Inside hacker jobs account for about 70 per cent of hacking incidents, according to a recent Ponemon Institute survey of 163 Fortune 1000 companies. And they
are the No. 1 security problem for companies of any size, says Potts, who advises SMBs on how to gain control of their IT security. Such hackers are scary because a) they are inside the firewall and b) they have access to parts of the network that maybe they shouldn’t have.
- Have very strict usage policies. If your business has a payroll server, make sure someone is checking it to see who is trying to open files and how often.
- If you want to be more proactive, add software firewalls on all your users’ machines as well. “If somebody can’t get to a certain resource, the next thing they’re going to do is try to make sure nobody else can get to it,” warns Potts.
- Deny access to certain programs.
- EXTERNAL HACKERS
While they’re not responsible for as many incidents as people inside the firewall, hackers on the outside are just as real a threat.
- Get a good firewall that has an implicit deny statement in it, so everything is denied except that which is expressly allowed. Most firewalls come this way out of the box, but it’s important to have the maintenance so that if a new threat is released, you get the updates. “Many people get a firewall and they say they don’t need the support because they’ve been configuring them for years,” says Potts. “Next thing you know they’re the ones that get hit first with Nimda and CodeRed and SQL Slammer.”
Viruses and worms are designed to cause damage, but they don’t care who the target is. Spyware initially doesn’t care, but eventually cares deeply, as it reports back to those who created the spyware on your PC usage. It might track the Web sites you visit and relay pop-ups on items it believes you might buy. More dangerous are key loggers, which track your key strokes, learning your user names and passwords and reporting them to the spyware creator. Enough spyware can crash a system and make it unusable.
- Install an anti-spyware program such as Webroot’s Spy Sweeper or Computer Associates’ eTrust PestPatrol. Anti-virus specialists such as =red>Symantec, McAfee and Trend Micro have started building spyware removal tools into their anti-virus software as well.
- Implement content filtering and control where your users go on the Web. “The vast majority of spyware comes from sites that users should not be hitting during the business day,” says Potts. So, a content filtering policy may say there are only 20 sites to which users really need access – everything else is cut off. “It’s a little more proactive. It’s also a good way of getting rid of some other issues,” he adds. Content filtering can block things like Hotmail and Yahoo mail, so users don’t bring spyware and viruses into the company through personal (browser-based) e-mail programs.
- VIRUSES, TROJANS AND WORMS
Viruses obviously cause serious system problems. Trojan horses can create back doors into your network. All such hazards poke some sort of security hole in your infrastructure.
- Use anti-virus software, but more importantly, make sure the maintenance is up to date so you get all the latest updates and patches. Most worms, viruses and Trojan horses are going to be taken care of by the software on the fly, or after the next update.
- WIRELESS THREATS
Because wireless has no boundaries, as soon as you implement a wireless device on your company network, that signal is somewhat out of your hands. And there are wireless hackers out there who actively look for wireless access points they can get into and networks they can seize.
- Implement the encryption capabilities of every access point you add. Most people don’t. “You paid for it, turn it on,” advises Potts.
- Do a site survey. “Take your laptop and walk around with it. See how far you can go with it. You may be surprised. You may find that you can see the signal two doors down and there’s somebody with a laptop stealing your signal.”