There's no point investing in hardware if you don't also have systems in place secure it. We identify the critical tools you'll need to secure your IT systems.
Security is the fastest growing budget item in most IT budgets today. But, despite this, losses from security breaches and failures continue to escalate.
Systems security used to be a relatively simple task. As everything ran inside your network, as long as you protected the border and ran some security software on the end-point devices you would be in pretty good shape. Today's IT environment is more complex. Without exception, every operating system on the planet has been compromised recently either through hackers breaking through the security measures that were in place of by exploiting hitherto unknown flaws in software.
So how do you secure your systems?
For your internal systems you'll need to ensure that you have a robust firewall in place. This is likely to be a hardware solution that takes all of your inbound and outbound internet connections and only allows them to traverse the border of your business if they satisfy certain criteria.
For example, you could use the firewall to block access to web-based email services to prevent staff from emailing confidential documents through their personal email or to stop email entering users' systems and introducing malware.
End-point protection used to be called anti-virus software.
But today's threats are for more sophisticated. Key-loggers can capture keystrokes and send them out to external parties, for instance. Or an ad on an otherwise safe website might be infected with a piece of malware that looks for data such as banking details or credit card numbers. Good end-point protection software will help users avoid some of those hazards.
A significant factor in establishing good security in your business is to start with people. The best systems in the world will count for nought if users either bypass them or engage in risky behaviour.
Some of the things you can teach all your users to do are:
#1 Use complex passwords
Every few months, a report is released telling us that the most commonly used passwords are "password" and "123456". As well as enforcing system rules to disallow these, teaching users about the consequences of weak passwords can be a valuable lesson.
And, it's important that mobile devices such as smartphones and tablets are also secured with passcodes. The recent "Oleg Pliss" iPhone hack could not work on iOS devices that were secured with a passcode.
#2 Identify phishing scams
Phishing scams look like official emails that try to fool you into handing over personal information. Similarly, cryptoviruses also use email phishing methods to lure users into clicking on infected links.
A common phishing scam sends an email that looks like it's from your bank that will tell you to log into your banking service to reset your password because of a security breach. But the email is from a scammer trying to steal that that information by directing you to a copy of your bank's website.
Teach users to not click on links in emails.
#3 Avoid dodgy apps
Given the cost of some software it might be tempting to source applications from "unofficial sources". There have been numerous cases where pirated software has been used as a method of introducing malware to a user's system.
Similarly, apps for mobile devices should only be loaded from officially sanctioned and curated app stores. There are literally millions of pieces of mobile malware with the very vast majority distributed outside the app store infrastructure.
#4 Look out for social engineering attacks
Social engineering attacks usually take the form of an offer that's too good to be true. The most well-known version of this is Nigerian mail scam where victims are slowly lured into a web of lies and tricked into voluntarily handing over money.
Most people are well aware of these types of scams but the Nigerian mail scam and the hundreds of variants are still a substantial source of income for scammers.
#5 Don't forget physical security
Putting a password on your laptop is all well and good but unless you lock the doors and windows at night and pay attention to who is coming in and out of the office then all those logical security measures won’t stop physical theft.
Once someone has physical access to a device, you should consider any data held on that device to be compromised.
Having thought about blocking the bad guys from getting into your network, you also need to think about what leaves your borders. Today's hackers are pretty smart and patient. In many cases they'll lie in wait for many weeks or months before they carry out their primary objective. In fact, the average amount of time a system is compromised before the compromise is detected is about eight months. Clever hackers try to look like "normal" users in order to avoid detection.
That means you need to be looking at what data is leaving your borders and whether the exfiltration of data is "normal". This requires careful analysis of lots of data to identify patterns of both usual and unusual behaviour. For example, it might be normal for a member of your IT team to transmit system logs to the outside world. But if the same data left the business from a member of the marketing department then that would be unusual.
There are lots of software tools that will analyse what enters and leaves your organisational borders, looking for usual patterns so that you can be assured that only authorised people are carrying out authorised activities in your network.
You should now have a pretty solid understanding of how IT security works. Check in at the same time and place on Wednesday for an overview of storage.
Network security picture from Shutterstock