Steps for Stopping Hackers, Crackers and Spyware......

By: Mike Wysocki

Do you think a router or firewall makes you safe from hackers? Not necessarily. Do you think they won't attack you because your business is so small? Don't count on it. Hackers might grab your IP (Broadband address "IP") to hack others, store illegal information or test the latest trojan.

The checklist that follows will help you protect yourself against determined hackers and the many problems they can cause.

Create a written security policy. If you own your own business and have employees, tell them in writing what they can and cannot do on the Internet. Employees should know ahead of time that downloading music, movies and the like will get them into trouble...and in some situations, can be illegal and you could be responsible! And, of course they should be mindful of the fact that downloads can carry hidden viruses.

Do quarterly or monthly vulnerability assessments. More than 300 new vulnerabilities aka bugs in software/hardware arise every month and any that you fail to fix will provide an open door for hackers. With freeware and commercial tools (nessus.org, eeye.com, qualys.com) readily available, it's foolhardy to skip this step.

Patch. Make sure you regularly download the most recent patches for your systems.

Build in redundancy: high-availability and WAN-WAN fail-over. Redundancy is always needed. You can't rely on one connection to the internet or one firewall. If your firewall fails, it should fail-over to another firewall; if the broadband dies, it should fail-over to another broadband or dial-up connection. Think of this as insurance. Businesses need to run smoothly, and with technology costs dropping, it makes economic sense to use these safeguards to avoid the risk of losing customers or sales.

Divide Information into Groups. Internal hacking is even more popular than external hacking. If you have sensitive information on your servers, you might want to build separate zones for it behind your firewall. Everyone shouldn't be able to see HR files or client information. Put your Web site in a separate zone behind your firewall too. Hackers can attack via an exposed Web site.

Filter content. This cuts down on liability and increases productivity. If your employees view certain Web sites, they may be creating risks of lawsuits, spyware and viruses. If they download something it could be a trojan, virus or other malware that could throttle down your business. And don't just block questionable sites. Remember, most online purchases occur between 9AM and 11AM - prime time work hours. You could curb this and make online shopping opportunities a benefit instead of a right by allowing staff to surf during lunch hour but not during normal business hours. Most users waste an hour a day surfing the Internet, which could cost a company with 25 employees up to $150,000 a year in productivity.

Server/workstation Anti-Virus and Gateway/Firewall Anti-Virus. About 98% of businesses have AV on their servers and workstations. Make sure all your servers and workstations have updated AV as well as gateway AV, which is now available on most legitimate firewall solutions. Since viruses can shoot through the gateway, why not stop them there instead of letting them into your network where they could attack an unpatched on non-updated workstation. It pays to be paranoid

Use log reporting. Would you like to know where users are going, what type of bandwidth they're using and who is hacking into your sites? Many tools can take syslogs and put them into graphic reports. With these reports, you can spot problems, such as excessive bandwidth use or visits to questionable sites, and

determine what to do about them.



Install anti-Spam and anti-Spyware programs. Spyware is out of control. A recent survey of 3 million computers found 83 million instances of Spyware, usually traceable to downloads from the Web. There are many fine anti-spam and anti-spyware solutions are available such as Stopzilla and SonicWALL. Make sure you have both and verify that they are constantly updated.

Secure your telecommuters and road warriors. They could be your weakest link. Hackers can crack the remote worker and traverse back into corporate. With SSL VPN (Secure Socket Layer Virtual Private Network), secure VPN clients and the low cost of a solid ICSA (Legitimately tested firewalls....ICSAlabs.com) firewall appliances, there is no reason not to be secure remotely.

Secure wireless access points. Wireless access points create huge vulnerability in most networks. What looks like a great firewall solution isn't so great if it has a wireless router behind it. Wireless routers are easy to hack and they're usually set up without security. Although most companies have policies banning wireless but it's easy for employees to find rogue access. Secure wireless access points are available, and worth what they cost.

Updated ICSA firewalls. [did a few paragraphs before] Don't think of the firewall as plug and play. It has to be constantly updated with firmware and signatures to thwart the latest attack, outbreak, and intruder. Most vendors have aggressive promotions for their newest firewalls and you should take advantage of them. Having an older solution, a freeware solution or a basic software solution that the vendor isn't updating with firmware isn't secure enough.

Install [OK? yes] intrusion prevention software [is this software (yes) or do you hire a specialist to handle it? In any case, please give a couple of examples]. Since no firewall can stop everything, intrusion prevention "IPS" and detection "IDS" are imperative. IPS/IDS solutions are usually updated rapidly and add another layer of protection to your environment. You need them for remote workers too. Basically, using them means hiring an outside team of security engineers [OK? si] to update your firewall and repel constant attacks.

To make it easy for you, here are some companies that have perfect internet security for small/medium businesses:

Good luck......fear the unknown.

www.sonicwall.com

www.watchguard.com

www.juniper.com

For more information, visit www.onestepdata.com.

Top Searches on
Security
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 
 • 

» More on Security