Five Steps to Better Internet Security

By Lauren Simonds | Posted November 24, 2004

Running a successful business today requires an Internet connection to the outside world; but as just about anyone can tell you, that essential connection also exposes your company to a world of security problems, liability risks and productivity distractions.

Taming the Internet may be an impossible dream, but with proper planning and good advice, you can better protect your company from its less appealing characteristics. We recently spoke with Doug Potts, a pre-sales systems engineer at CDW. He spends his days advising small business owners just like you on ways they can improve their Internet security.

A Man With a Plan
No matter what size business you run, the main components for securing your Internet remain the same — only the type and scale of the solutions may vary. Potts recommends dealing with a trusted, reputable reseller who can talk with you about your company and help you find the solutions that best suit its needs. He also recommends following this five-step plan for securing your Internet:

  1. Set a Strong Internet-Use Policy — According to Potts, a strong policy lets employees know what their responsibilities are when it comes to surfing the Web on company time. "First you want to determine a company-wide policy that clearly states what constitutes acceptable Web usage," he said. "Educating your employees about how viruses and other malware can infect a PC via the Internet is important."

    Content filtering software lets you control where your employees go on the Web. For example, said Potts, "you might want to filter out hate and pornography sites or online shopping sites. Doing so covers liability issues and creates a more secure, productive environment."

    Of course, being able to customize the filter is important because employees must be able to get the information they need to perform their jobs. One PR professional, concerned about the restrictive limits of content filtering, commented, "But what if I have to find out whether someone called my client a 'boob?'"

  2. Install Centrally Managed Anti-virus Software — Anti-virus software that's managed from a single point (i.e., a server) ensures that every PC in the company is automatically scanned for viruses, worms and Trojans, and that they receive regularly scheduled security updates.

    "Depending on the program, anti-virus software can be fairly complex," said Potts. "SMBs have two options. First, you can go with a program that a trusted reseller recommends for you. A good reseller will take the time to learn about your company by asking questions like what's your comfort level regarding technology? Can you (or someone within your company) manage the anti-virus software?"

    The second option applies to SMB owners or managers who don't want to deal with any of the technology. "The owner may not be tech savvy or may not have an IT staff," said Potts. "If that's the case, a reseller can either recommend a reliable service provider to handle the onsite installation and periodic maintenance. Oftentimes the reseller can also act as a service provider."

  3. A Firewall with Intrusion Detection Capability — Hackers have become increasingly crafty when it comes to attacking networks. According to Potts, network worms, such as Sasser and Code Red, are particularly tricky. Designed to look like legitimate Internet traffic, the worms can sail right through your firewall.

    "That's why you want to have a firewall that has intrusion detection capability," he said. "It'll help the firewall recognize and deflect external threats such as worms and other well-disguised intrusions from gaining access to your network."

  4. Install Host-Based Intrusion Detection — While intrusion detection at the firewall keeps worms from entering the network, host-based software — intrusion detection software you install on individual desktops — protects your network from attacks launched inside of your network.

    "If an attack comes from within the network (whether it be accidental or intentional), the firewall won't help — it's strictly for defending against external threats," said Potts. "Installing intrusion detection software on individual PCs protects the inner workings of your network. Major anti-virus companies — Trend Micro, Symantec and McAfee — offer intrusion detection in the latest versions of their software."

  5. Digital Signatures — Digital signatures are used to encrypt data between locations or across the Web. "They're especially important for companies that need to meet Federal regulations such as HIPAA and Sarbanes-Oxley," said Potts.

    "For example, if you're a doctor and you need to communicate via e-mail with a specialist about a particular patient, you can use a digital signature to secure the patient's data so that no one but the specialist can access it."

    "Of course, digital signatures are more costly than the other four steps mentioned here," Potts said. "They require people to manage the encryption keys, but small businesses without the in-house resources can outsource the task to a third-party company like Verisign."

    Lauren Simonds is the managing editor of SmallBusinessComputing.com
