Computer security for small businesses can be multi-layered, using desktop security products such as antivirus, antispam and firewalls, and network intrusion detection, and hardware technologies such as security tokens, disk encryption and biometric fingerprint recognition.
Why should small businesses use computer security?
Small businesses should use adequate computer security mainly because the threats from cyber criminals, hackers and identity theft are very real.
Added to this, most small businesses also have a responsibility to their staff and their customers to secure the data they use in the organisation. In fact, regulations such as the Data Protection Act require that personal data is secured and used appropriately.
Most businesses use PCs, servers and networks to send and store vital information, often managing financial or private information belonging to customers and clients.
What sort of threat do cyber criminals pose?
Your business uses and stores vital information on your customers, your finances, your partners and your business processes.
This makes you highly attractive to cyber criminals, who spend their time attempting to infiltrate company networks and web sites for financial gain or identity theft.
Many hackers will try to exploit small business web sites that have old and unsecured coding, or which run on older or unpatched web servers and operating systems.
As well as this, they will try to encourage employees to open attachments or click on links in emails or on the web that take them to sites that will attempt to steal their private passwords or information. This is an activity called phishing.
How can I protect my staff and secure the business’s computer system?
Securing a small business comes down to having the right technology in place and also having the right security policies, which help employees to keep security in mind at all times.
Any good security policy should include things like using strong passwords that include numbers and letters; not sharing or displaying passwords; and only opening email attachments from reliable sources.
You should also encourage staff to use the web responsibly, and stay vigilant when contractors and outsiders are in the office.
In terms of IT, you should monitor access to the network, including memory sticks and other plug-in devices, which can be used to steal company information.
What security software should my business use?
The sky is the limit when it comes to implementing security software, but there is a minimum level of security that any business should have.
This includes: antivirus software to catch viruses and Trojan horse programs; antispam software to control spam which could contain malicious code or links to hacker web sites; and antiphishing software to detect financial hacking techniques.
The software security system should also have a desktop or a server-based firewall program that monitors your Internet connections; and encryption technology to protect email and other traffic, particularly for wireless networks.
What are the popular security packages?
- AVG Internet Security
- BitDefender Total Security
- CA Internet Security Suite
- CheckPoint ZoneAlarm Security Suite
- Kaspersky Internet Security
- McAfee Internet Security Suite
- Panda Internet Security
- Sophos Security Suite SBE
- Symantec Norton Internet Security
- Trend Micro Internet Security
What other security technologies are available?
Businesses that access information remotely might want to set up a virtual private network (VPN). This is a server application, or specialised VPN device that attaches to the network.
It allows you to access applications via a web browser, and encrypts the network traffic to make it secure.
The user can access the network using a login name and password, or with a hardware security token which generates unique passwords every few minutes. RSA SecurID is one of the more popular hardware token security systems.
Full disk encryption is also an option, and this will secure any and all information on a computer’s hard drive and render the machine useless to any criminal who tries to steal it.
This was first published in July 2009