Even the smallest of businesses
are not immune to Internet threats. Just a single security breach
could bring your business operations to a halt, decreasing productivity,
and potentially compromising data integrity, customer confidence,
and revenue flow. And today’s threats can come from anywhere
– wired or wireless networks, internally or externally. Gone
are the good old days when identifying the network perimeter was
easy, and securing it was just as straightforward – applying
some simple security devices would do the trick. The introduction
of new technologies, along with the increasing sophistication of
Internet threats, calls for a defense in depth solution.
The downside of new technology
Along with increasing reliance on the Internet and email, today’s
small businesses are also embracing wireless mobility, instant messaging,
and business-to-business applications. This makes good business
sense – these technologies can dramatically enhance business
operations – but at the same time you also need to be aware
they are accompanied by a certain element of risk. Every new technology
or device presents a new entry into your infrastructure, and could
also be taken advantage of by an attacker and used as a conduit
for attack if steps are not taken to secure the technology as it
is introduced.
Complex blended threats
Blended threats employ multiple methods to discover and exploit
network vulnerabilities, and then are able to self-replicate and
self-propagate – and it can happen unbeknownst to the computer
user. Blended threats like CodeRed and Nimda took the worst characteristics
of viruses, worms, and Trojan horses, and combined them with server
and Internet vulnerabilities in order to initiate, transmit, and
spread. Blended threats are designed to exploit the vulnerabilities
of security technologies working independently from one another,
and that is why defense in depth is so crucial to protecting
today’s business. The speed of distribution of Internet threats
has gone from weeks to days, and from days to hours. And with wireless connectivity,
there is the potential for threats to spread in minutes, or even
seconds.
Defense in depth components
"Defense-in-depth" means exactly what you might think:
creating multiple layers of protection around your computers and
valuable data. Multiple layers of security help keep the compromise
of one level from causing a general compromise of the entire network.
This layered defense is necessitated by the advent of blended threats
and the blurred network perimeter.
No business can afford to put itself at risk. To stay secured in
today’s highly connected world, you need to employ defense
in depth. Let’s look at some important elements of defense
in depth:
- Antivirus software provides protection from
files that come into the network via email, Internet downloads,
floppy disks, etc. Antivirus software should automatically check
for newly discovered threats, periodically scan systems for those
threats, and also watch in real time while new files are downloaded
from the Internet or detached from email messages to make sure
nothing unsafe gets through. Antivirus software should not only
protect your workstations and servers, but also your firewalls
and important applications like Web and email servers so that
you can stop many problems before they can spread.
- Firewalls provide an important line of defense
in protecting your network and all of its data by screening the
information entering and leaving a network to help ensure that
no unauthorized access occurs. Firewalls also help protect your
computer against DoS attacks, and against unwittingly participating
in one.
- Intrusion Detection software constantly monitors
the network for suspicious activity or head-on attacks, alerting
you or your IT staff so you can take immediate action. Intrusion
detection is especially useful when coupled with a firewall.
- Virtual Private Networks (VPNs) are vital
if you or your employees are connecting to the office network
remotely. VPNs secure remote connections beyond the perimeter,
allowing for safe communication across the Internet.
- Disk Imaging – Even with the right mix
of security safeguards, some extremely determined or imaginative
hackers or tools may work their way around your defenses and into
some of your systems. Sometimes it's hard to be certain of the
extent of the compromise, and it might be more prudent to go back
and start from a safe point. A disk imaging solution can back
up data and restore it to a previous, trusted state, so you can
be confident in the integrity of the data.
More you can do
Outside of security technology, there are other things you can do
to bolster your small business’ defense in depth:
- Stay up to date on patching – Be vigilant
about checking for software updates to take advantage of security
fixes and patches for holes that might leave you vulnerable to
attack.
- Create a security policy – Outline your
information assets, and all access rights to that information.
Remote access rules should be outlined here also.
- Security awareness training – Educate employees
so they know their role in maintaining the security of your business.
- Restrict and control network access –
If you have any temporary or contract workers who need access
to your network, be sure to give them only the access necessary
to perform their job – and don’t forget to revoke
their access entirely once their job is done.
- Enforce password management – Ensure
that users change passwords regularly, and are careful to not
post their user names and passwords out in the open.
Today’s threats are becoming more prevalent and more advanced
in both their methods of spreading and the damage they cause. The
threats’ complexity in both attack and propagation, paralleled
by the growing complexity of the small business network, means that
single security measures are no longer adequate. You must implement
security measures on all vulnerable points on your system, including
your servers and desktops, and establish a multi-layered, comprehensive
line of defense, or “defense in depth.”