It is an unfortunate fact of modern computing that you will be exposed to viruses, trojans and other malware. Even if you have antivirus software installed and running, you are still dangerously exposed to the risk of losing data, having confidential information stolen or your bank account hacked. Criminals have started specifically targeting small businesses because businesses have fewer legal protections than individuals, and financial institutions consequently have less of an incentive to prevent fraud.
There are three typical scenarios you should be protecting your business against:
There are a number of practical steps you can take immediately to protect yourself against malware.
You should run an enterprise antivirus product on every computer you have and ensure that the virus signatures are brought up to date daily. Be sure to choose an antivirus product that has a minimal impact on the processing power of your system, like System Manager AV. Some AV products, including top brand names that you may already trust, use far too much of your system resources and as a result disrupt the smooth running of your IT equipment as much as a virus-infected system would. Since most malware just impacts the performance of your IT equipment, you get no advantage in running these inferior products. Find out more about System Manager AV.
You should ensure that your Windows operating system and all the applications you run are patched and up to date. It's not just a matter of running the latest service packs. Microsoft typically releases more than 10 critical patches every month that you must apply to each computer in your environment to protect your computers from getting infected by the latest trojans and malware. That's not to mention applications you may not even be aware that you need to patch, like Adobe Acrobat Reader, Macromedia Flash and Java, all of which have had critical security flaws that have been patched since their release. If you don't patch these applications, your computer can get infected with malware even if you are running the latest antivirus products, because most AV products only scan the hard drive of the machine, and not the running memory, which can be infected if your computer isn't patched. Find out more about our professional audit service, which includes checking that your systems are patched and up to date.
Your IT service provider should not have opened any inbound ports to your network in order to be able to manage your IT assets. Ask your provider to ensure that remote control ports like RDP (3389) and VNC (5900) have been closed. If these are open, it is possible for external attackers to guess the passwords to your servers, get on your systems and seize control of your IT assets, or even stop your antivirus product from running correctly. They can then install software to capture your password details, even if you are using a computer which is not directly connected to the Internet. Check now that your IT provider hasn't opened you up to attack.
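One way to verify that the two remote control ports named above are not reachable, as an added example that is not part of the original page: run it from a machine outside your office network against your own public address (the loopback default is only a placeholder assumption).

```python
import socket
import sys

# Remote control ports named in the text above.
REMOTE_CONTROL_PORTS = {3389: "RDP", 5900: "VNC"}


def probe(host, port, timeout=3.0):
    """Classify one TCP port on your own host as 'open', 'closed' or 'filtered'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # handshake completed: the service is reachable
    except ConnectionRefusedError:
        return "closed"          # host answered, but nothing is listening
    except OSError:
        return "filtered"        # timeout or unreachable: dropped before the host


def exposed_remote_control(host, ports=REMOTE_CONTROL_PORTS, timeout=3.0):
    """Return {port: service} for every listed port that accepts connections."""
    return {port: name for port, name in ports.items()
            if probe(host, port, timeout) == "open"}


if __name__ == "__main__":
    # Assumption: the argument is the public address of your own network.
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    for port, name in REMOTE_CONTROL_PORTS.items():
        print(f"{name} ({port}/tcp): {probe(target, port)}")
    exposed = exposed_remote_control(target)
    # Non-zero exit status lets a scheduled job raise an alert on exposure.
    sys.exit(1 if exposed else 0)
```

Any result of "open" means the port is reachable from wherever the check ran and should be raised with your provider; "filtered" is the result a correctly configured perimeter firewall produces.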
You should be logging onto your systems using dual factor authentication, such as a smart token or smart card. Dual factor authentication works because it relies on two pieces of information: something you have (a smart card or key fob) and something you know (your password). An external attacker, as well as an insider, can only get access to one of those items, and consequently is limited in their ability to penetrate the system. We provide dual factor authentication complimentary to every customer who signs up to both our managed services and managed hardware platform, so that you can take advantage of this cutting edge technology straight away. Find out about your managed services agreement.
You should correctly configure a network-based firewall, instead of trying to rely on firewall software running on individual PCs. A firewall running on an individual PC will continuously prompt the user to authorise programs to access the firewall, which again can be as disruptive to the day-to-day running of the system as getting a virus. A network-based firewall, typically running on your server or a firewall appliance, or provided through your Internet provider, will provide protection without requiring the end users in your office to stop working every time they try something new. But even these solutions still let external attackers get as far as your network perimeter, using up valuable bandwidth and impacting the performance of legitimate network traffic. Find out about our Managed Internet solution, which stops illegitimate traffic before it reaches your network.
You should secure any computer used to access online banking by restricting it from accessing other sites on the Internet. This means that you don't have to rely on software like antivirus products and Microsoft patches, which can only stop and detect known threats and vulnerabilities (and, depending on the product, behaviour which looks like these known threats). By limiting the sites that this computer can access to just those required for online banking, you minimise the chance of any unknown threats or active attackers getting access to the system.
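The allow/deny decision behind such a restriction, as an added example that is not part of the original page: it shows the rule a proxy or filtering gateway would apply, matching whole hostnames rather than substrings so that lookalike names are denied. The `bank.example` hostnames are constructed placeholders, and the function names are hypothetical.

```python
from urllib.parse import urlsplit

# Constructed placeholders: substitute the hostnames your bank's site really uses.
EXACT_HOSTS = {"online.bank.example", "auth.bank.example"}
# Domains whose subdomains are also allowed (constructed placeholder).
SUFFIX_DOMAINS = {"static.bank.example"}


def is_allowed(url, exact=EXACT_HOSTS, suffixes=SUFFIX_DOMAINS):
    """Return True only for HTTPS URLs whose host is on the banking allowlist."""
    try:
        parts = urlsplit(url)
        # .hostname is lower-cased and excludes any user@ prefix and port.
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return False                      # malformed URL: deny by default
    if parts.scheme != "https" or not host:
        return False                      # no plaintext HTTP, no empty host
    if host in exact:
        return True
    # Match on whole DNS labels: the host must BE the domain or end in ".domain".
    return any(host == d or host.endswith("." + d) for d in suffixes)


def audit(urls):
    """Split a list of requested URLs into (allowed, denied) for review."""
    allowed = [u for u in urls if is_allowed(u)]
    denied = [u for u in urls if not is_allowed(u)]
    return allowed, denied
```

Running `audit` over the URLs recorded during a normal banking session shows which hosts the allowlist still needs before the restriction is enforced.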
You should have continuous auditing of your environment using a tool like System Manager. A sufficiently persistent and devious attacker, particularly an insider, will be able to penetrate the most secure system. But they will leave a trail in the process that can later be used in a criminal prosecution. Unfortunately, if the attacker is sophisticated enough to get into a well protected system, they will be sophisticated enough to delete the onsite audit information that their attack has created. System Manager checks into our central server every 30 seconds, and updates our secure database with the latest event logs from every computer we manage. It is impossible for an attacker to tamper with this information, because it is no longer in the compromised location. Find out more about System Manager.