1Educate Users on Targeted Attacks
Cyber-criminals are increasingly targeting organizations and their employees by using customized malware and social engineering. Users need to be educated about the dangers on the Internet and how to avoid such threats as suspicious emails, suspicious social media links and email attachments from unknown sources. They also need to be careful when sharing information on social networks.
2Minimize Mobile Risks
Smartphones and tablets are becoming more common in SMBs and enterprises alike, and for a while, there were few dangers linked to these devices. But attackers are beginning to turn their attention to the mobile space, developing malware designed to track users and steal information from the devices. That was seen in 2011, when mobile vulnerabilities jumped 93 percent. SMBs need to put security technologies on the devices, like encryption for business data, and to put user policies in place, including mandating password protection and restricting application downloads.
Data breaches were common in 2011, and hackers continue to focus on identify theft. While hacking caused the most damage in breaches, the most common cause was the loss or theft of devices. Data losses can lead to both financial loss and damage to customer trust. There are data-loss-prevention technologies that can not only protect information, but also help businesses shore up business processes.
4Defend Against Malware
Malware is a significant concern for SMBs, given that many legitimate Websites have been compromised by malicious code that infects everything from blogs to business Websites. SMBs need strong endpoint protection that combines traditional antivirus and antimalware abilities with new reputation-based technology. All that should be used with browser protection to keep malware from infecting systems.
5Create a Comprehensive Security Plan
SMBs need to understand the threats that are out there to develop a good defense strategy. Some other ways are by employing multiple forms of protection, from endpoints throughout the network (firewalls, intrusion-detection and gateway antivirus technology), monitoring the network and implementing intelligent security policies. SMBs also should consider restricting the use of portable file storage devices—like external USB drives—to protect against malware. Keeping security solutions and patches up-to-date is also important.