1. Business Class UTM Firewall
Businesses today are faced with more applications, more devices, more threats, more users and more traffic than ever before. Businesses are becoming more dependent on high-speed Internet connections to connect offices, store data, and use cloud computing to manage customer relationships, billing, and office productivity. The more connected your business becomes, the more important it is that the data stored inside your network protects from those outside your business such as cyber criminals. You also need protection from security breaches, employee error or misconduct from the inside of your organization.
A business class firewall provides all these levels of necessary corporate security and protection.
Many small businesses lack a robust firewall that can protect them from these external threats. Instead, they use free firewall software that offers minimal protection such as Windows PC firewalls, bundled carrier based firewall software included with your router provided by carriers such as CenturyLink or Comcast, or an out dated firewall lacking Unified Threat Protection and other current advanced security features. Such solutions don’t offer much protection from sophisticated threats so it makes sense to upgrade to a true business class firewall; such as Fortinet’s FortiGate line of firewalls.
Even if you have a firewall it may not give complete protection if you don’t have qualified people monitoring and managing it. The best device on the market will become less effective over time without upkeep. A business class firewall keeps your data safe by ensuring that threat definitions and firmware are up to date, backups are kept, and the system monitors 24-7-365. Most business class firewalls today provide Unified Threat Management and bandwidth fail over features as well.
2. Endpoint Security with Zero Day Protection
The ever increasing volume, speed, and sophistication of cyber-attacks require a move beyond traditional web security. Today’s cyber criminals are launching targeted malware that is designed to infiltrate defenses through multiple entry points of networks and endpoints. Companies need smarter cybersecurity that’s as dynamic and intelligent as the attacks it defends against, that can keep ahead of the proliferation of today’s threats, and that protects against new threats that may only live in the wild for hours or minutes.
Free Anti-virus and many paid endpoint security solutions do not have zero day protection against the ever changing threats. We recommend Webroot’s SecureAnywhere Business Endpoint Protection; which includes:
- Advanced Offline Protection Against Zero-Day & Highly Adaptive Threats
- No Conflicts with Existing Security or Endpoint Software
- Complete User Agent Policy Controls & Protection
- Browser Identity & Privacy Shield
- Devices Managed through Single, Intuitive, Web-Based Management Console
3. Enterprise Email Management and Security
Many threats come into your company through email and can then leave your company via email and deliver those threats to your customers and contacts. We recommend using a cloud based email security provider so your email is cleaned before it hits your exchange server or hosted exchange. We recommend the vendor Mimecast who provide an always-on, cloud-based email security solution that reduces the complexity of protecting your organization from malware, spam and data leakage. Their service delivers robust 100% anti-virus and 99% anti-spam service levels, with 0.0001% spam false positives. They also have email continuity built into the same solutions so if your exchange server or hosted exchange goes down, you still can send and receive email. Mimecast has added features such as encryption and archiving as well. Encryption is becoming a necessity for every business.
4. User Training
Many threats and attacks can be avoided as long as your employees have proper training.
Train your staff to:
- Be wary of opening any email attachment. Even when you know the sender, it’s entirely possible that their efforts to prevent attacks weren’t adequate and that a threat has infected their system, only to be passed on to you through some innocuous-seeming email. If you are the slightest bit unsure, contact the sender to verify that they meant to send the attachment.
- File sharing is another common source of contracting computer threats. Be sure you are downloading clean material. The best way to do this is to resort to legitimate sites that have pre-screened files for you.
- Use common sense and trust your gut feelings about any site, email or software that arouses suspicion. More often than not, your instincts are an excellent guide.
- Be careful when loading external media such as flash drives without scanning them, and know who is using the computers on your network.
- When using social networking sites such as Facebook, be careful about clicking any links that look suspicious.
5. Company Policy
You need to have a solid employee technology policy in place, in writing, that your employees read and sign. You should go over the policy with any new hires. If you do not have one in place, provide User Training above and have them sign it at that time. Treat IT security policy like a contract and include:
- Define what employee can and can’t do on company PCs and/or mobile devices accessing your network.
- Educate about email, internet and social media best practices to avoid phishing, spam, malware and other threats.
- Provide your employees with access to your IT provider or dedicated staff for any questions or concerns.
- Enforce the consequences of not following policies (be careful, many infractions are accidental which is why you need to train your employees).
If you have any questions or concerns regarding how to better secure your business, please do not hesitate to contact Platte River Networks for immediate expertise and assistance:
303-355-1941 or info@platteriver.com