110 Important Steps to Securing Your Small Business
Small businesses (fewer than 50 employees) face the same security threats as large organizations. However, such businesses also must contend with the challenge of limited budgets. The role of administering the network in a small business often falls on the business owner or on an in-house techie, both of whom wear many other hats in the organization and usually do not have the time, the resources or the expertise to work on complex deployments and administration. Fortunately, small businesses can have big-business-type protection by taking advantage of modern network security technologies and approaches. In this eWEEK slide show, using industry information from new-generation security provider SonicWall, we offer the top 10 network security challenges faced by small and midsized businesses (SMBs) and tips to addressing each of those challenges.
2Layer Your Security
The challenge: Network attacks are becoming more widespread, intelligent and difficult to detect, leaving SMBs at an even great risk due to limited resources and budgets to fend off risk. Network entry points are not only public-facing servers but also employee devices that may be compromised by use outside of the corporate security perimeter. The solution: A layered network security approach brings a new level of scrutiny to network traffic passing into an SMB, making network protection more complete, affordable and manageable.
3Secure Your Gateway
The challenge: A small business owner wears many hats, and close, regular monitoring of your business’s network perimeter is just one of many roles you have within the organization. The solution: Block threats at the network perimeter with a firewall that inspects all files completely because threats can gain entry via commonly used communication protocols that many SMBs rely on today, including email, file sharing and harmless-looking utility programs.
4Keep It Simple
The challenge: The total cost you pay for security is in the cost of installing, using, managing and maintaining it. The processes can be complex and prohibitive for SMBs to manage. The solution: Create a workable and cost-effective plan that secures the business against sophisticated threats by installing a centralized or hosted management solution that eases administration and lowers ongoing cost of ownership.
5Keep It Affordable
The challenge: Purchasing stand-alone products can quickly drive up IT expenses with separate costs for each device’s purchase, installation, operation, training, administration and maintenance—not to mention challenges associated with managing myriad point products. The solution: Consolidate all of your security tools into one appliance. This allows the business to deploy broader and better-coordinated security within your budget.
6Get Rid of Bottlenecks
The challenge: The amount of traffic being scanned by your firewall, and inspection of every byte of every packet, quickly becomes more than many traditional firewalls can handle and can bottleneck network performance. The solution: Make sure that the solution you implement can keep up with the increasing volume of encrypted traffic as well as inspect large files that are now commonplace.
7Keep Your Systems Running
The challenge: Single points of failure can be frequent and cumbersome and expose the business to risk if a primary security device fails. The solution: Deploy a modern UTM solution with high availability to prevent hardware failover functionality and automatically roll security functions to an identical UTM appliance, which then reverts back once the primary appliance is restored.
8Keep Your Network Productive
The challenge: Often the office network is being used for nonproductive tasks, such as movie downloads, interacting with friends and watching streaming media. You need to control how the network is being used in addition to having real-time visibility into how network resources are consumed. The solution: Modern application layer inspection tools can identify what applications (like Pandora or sales applications) are being used, then you decide how to allocate that bandwidth. This can protect against threats and helps prevent network slowdown caused by bandwidth-consuming, nonproductive applications, while still allowing users to utilize web and email for business.
The challenge: Solutions and resources are needed to maintain regulatory compliance with external regulations (PCI, HIPAA, etc.) or internal regulations (policies for protecting intellectual property) to avoid penalties and business risk. The solution: Integrated compliance management solutions that integrate with centralized policy management and backup and reporting options will help you track, audit, report on and verify your compliance.
10Secure Your Endpoints
The challenge: For SMBs, your office could be anywhere. Add in contractors, partners and customers looking to access your business from their devices, and this puts the business at risk if there is no understanding as to whether the device is secure. The solution: Secure your business’s endpoints with techniques that can assess the endpoint devices and verify whether or not they are running an antivirus solution with the latest signature database.
11Be Prepared for the Unexpected
The challenge: It’s not only headline-grabbing natural disasters, but also more benign events, such as a power outage, equipment failure or even a stolen laptop, that can disrupt and expose your business to risk. The solution: Modern UTM appliances that feature built-in IPSec or SSL VPN capabilities are ideal for secure remote access during an emergency and provide users with safe connectivity to corporate network resources using a web portal. Modern continuous data protection (CDP) solutions can also automatically back up data to discs, avoiding the complexity and human error involved with tape backup.