IT Computer Security Solutions
Your Business’s Computer Security has many facets and if you want to protect your business IP and data it is important that you are protected with applicable IT solutions.
Techniques for protecting a business’s systems and data include:
- Security policies
- Backup solutions
- SPAM filtering
Security considerations include physical access to computers as well all other means of access. These “other” means would include
- internet remote access
- web access
- removable media
These are the chief areas that that the “bad guys” target when trying to gain access to your network.
Many of the access points mentioned above are targeted with malware to provide Trojan access to your network and will be discussed in more detail below.
Internet remote access security
When your computer or IT network is connected to the internet, you are provided access to resources on the internet as well as possible access to your network by people or machines connected to the internet. This opens you up to various threats that could come from the internet.
The most obvious is remote access by those who are not authorised to access your network remotely. This access could be gained in various ways a few of which are mentioned below.
- Weak passwords or password policies
- Lack of or weak firewall between your network and the internet
- Malicious software activated usually unwittingly on your network providing unauthorised access. These are normally referred to as viruses.
There are many types of virus. Some do little damage but all are security risks. Viruses can infect a system and open a “back door” for unauthorised access.
Viruses also monitor the key strokes of the user and feed this information back to an external party to gain access to banking passwords.
One especially nasty piece of malware that has been around for a few years now will encrypt all of the data on your PC and network devices and then demand a ransom before making your data available to you again this is known by the generic name of Cryptolocker.
What techniques are used to combat these vulnerabilities?
Since there are many possible means to gain access to a network, there are also many considerations when preventing access and removing vulnerabilities.
User account security
A business should have a password policy in place which stipulates the minimum complexity of passwords, their minimum length and maximum age.
In this way one limits the risk of a password being guessed and even if more than one person gets to know a password, it will get changed with a certain time frame meaning that the unauthorised person would no longer know the password anyway.
General company security policies
Other security policies that businesses should have in place are policies addressing the use of removable media as well as policies detailing acceptable internet use.
Use of the internet within the business should be restricted to business related applications and web site. Viruses and Malware can be introduced to the business by removable storage media like USB Flash drives as well as accessing questionable web sites.
Anti-Virus and Anti-Malware
End point security refers to anti-virus software installed on the “end point”. This is the PC or device that the user uses and differs from other types of security by where it is located. The point of anti-virus software is to stop the activation of a virus at the end point.
Firewall Perimeter security
Firewall Perimeter security is the protection of your connection to the internet and is usually done with a Firewall device.
It is important to be aware that, with the advent of other wireless and mobile internet access, users can inadvertently provide another access point to your network.
This can be done by plugging an unsecured WiFi device into your network or by connecting to the internet via a mobile broadband connection with a device that has been compromised. Networks can be locked down to combat these risks.
If you have a mail server hosted on premises, it is good practice to have the business emails filtered through an external SPAM filter.
This filters out SPAM and prevents delivery to your mail server. There are various advantages to this, but the biggest are that malicious emails don’t get delivered to user mailboxes and that the business does not have bandwidth taken up with SPAM.
Data Backups are not a preventative measure, but are an important part of securing your data.
It is important that you have reliable backups and that any and all threats are unable to affect your backups or your ability to restore from the backup.
This means that backing up to a USB drive or an unprotected network share are not sufficient. Only the backup software should have access to the backup storage location.