Just because your business is small, doesn’t mean that hackers won’t target you. The reality is that automated scanning techniques and botnets don’t care whether your company is big or small, they’re only looking for holes in your network security to exploit.
The good news is that there are a lot of things that small businesses can do to lock down networks without spending a small fortune. Through a combination of hardware, software and best practices, you can minimize your risks and reduce the attack surface that your small business presents to the world.
10 Tips to Tighten Network Security
1. Get a Firewall
The first step for any attacker is to find network vulnerabilities by scanning for open ports. Ports are the mechanisms by which your small business network opens up and connects to the wider world of the Internet. A hacker sees an open port to as an irresistible invitation for access and exploitation. A network firewall locks down ports that don’t need to be open.
A properly configured firewall acts as the first line of defense on any network. The network firewall sets the rules for which ports should be open and which ones should be closed. The only ports that should be open are ports for services that you need to run.
If you’re running a Web or mail server on your network, the proper ports for those services need to be open. If you’re not running those services directly on your own network, say for example you’re hosting your website and email with a service provider, you shouldn’t have your Web server and email ports open.
Typically, most small business routers include some kind of firewall functionality, so chances are if you have a router sitting behind your service provider or DSL/cable modem, you likely have a firewall already.
To check to see if you already have firewall capabilities at the router level in your network, log into your router and see if there are any settings for Firewall or Security. If you don’t know how to log into your router on a Windows PC, find your Network Connection information. The item identified as Default Gateway is likely the IP address for your router.
There are many desktop firewall applications available today as well, but don’t mistake those for a substitute for firewall that sits at the primary entry point to your small business network. You should have a firewall sitting right behind where your network connectivity comes into your business to filter out bad traffic before it can reach any desktop or any other network assets.
2. Password Protect your Firewall
Great you’ve got a firewall, but it’s never enough to simply drop it into your network and turn it on. One of the most common mistakes in configuring network equipment is keeping the default password.
It’s a trivial matter in many cases for an attacker to identify the brand and model number of a device on a network. It’s equally trivial to simply use Google to obtain the user manual to find the default username and password.
Take the time to make this easy fix. Log into your router/firewall, and you’ll get the option to set a password; typically you’ll find it under the Administration menu item.