Building a business is difficult enough without having to contend with threats designed to take your hard work and render it worthless. As we become more connected and do more in the cloud, the onus is on us to protect our networks and our computers from these threats. As small businesses are prime targets for hackers and malware, you have to do everything you can to protect what’s yours.
Protecting your business is not optional, we all have to do it. Fortunately there are a bunch of ways you can do it that won’t cost the earth. When resources are tight and you have to prioritize expenditure, protecting your business on the cheap without compromising security is essential and that’s what I’ll cover today.
Defend what’s yours
Here at New Jersey Computer Help, we have a defined methodology for protecting our customers. It uses defense in depth to provide a robust, secure network that keeps the worst threats out. What’s more, it doesn’t cost the earth.
A good defense will include:
- A hardware firewall at the point of entry.
- Hardware, software or cloud antivirus and malware scanners.
- A full backup system.
- Drive encryption.
- Staff training program.
As you can see, it’s an involved process but can be made very straightforward to install and manage. Let’s take a quick look at each step.
Many small business routers will have a firewall built in. For startups or very small businesses, this should be adequate protection. It should be installed directly after your modem and before any other network device. For larger businesses, enterprise routers or solutions such as Cisco AWS or dedicated hardware firewalls will be more appropriate.
These devices can be expensive but should be considered an investment the same as good quality door locks and your building alarm.
Antivirus and malware scanners
Antivirus and malware scanners are also mandatory for effective defense against attack. You can integrate them into something like AWS, install software agents on all your devices or use a cloud solution with software agents and cloud scanning. Whatever route you choose to go, make sure to choose a leading solution from a leading provider.
Organizations such as AV-Test regularly put antivirus through their paces and rank them according to efficiency. While designed for home users, you can use the results for reference when selecting a product for your business. Some solutions will include malware scanners or you can get them separately.
Whatever solution you choose, make sure it offers automatic updates, automatic scanning, quarantine, rootkit scanning and a full malware scanning feature.
A full backup system
Computer and server backups are important for many reasons but defense is the more important of them. Network security is about preparing for the worst while hoping for the best and backups are planning for the worst. While we hope and pray we never need a backup, we need them there for if we do. There is nothing worse than our IT support team turning up to a premises only to find there is no backup to work with!
We have to rebuild everything from scratch and the business loses all their emails, data, documents, files and all those resources that made it tick. It has broken some businesses while others have managed to claw their way back. Don’t let it happen to you.
You can specify a full backup solution or create your own using network storage and a cloud backup solution. One backup can stay on site as long as it is stored securely but one copy must be kept elsewhere.
Drive encryption used to be a complicated mess that could leave devastation in its wake if not done correctly. While it still needs to be performed properly, computer encryption is now a viable way to protect data while at rest and while on the move. Drive encryption is built into both Windows and Mac and there are many third-party solutions out there that can protect your data.
Encryption is another place where we plan for the worst. In a perfect world, you would never need drive encryption but we need it there in case something or someone gets through. We have all seen the headlines of high profile hacks. Don’t let your business be one of them.
Staff training program
Staff training is a softer approach to defending your business data but it is also the most important. Many threats use the human element to infect a business as automated defenses are now so effective. Phishing, social engineering, infected websites, fake downloads, trojans, worms and other threats all depend on some human interaction to work.
Train your staff to recognize and properly handle threats and you remove 90% of the security challenges you face. Include data handling, encryption, secure passwords, internet hygiene and proper use into that training and you improve your security massively.
The IT support guys at New Jersey Computer Help can assist with putting together a training program if you need us to.
Protecting your business data isn’t about a single solution fixing everything. It depends on multiple defenses using different approaches to create a protected space where you can work and grow your business. It also creates a secure place to create and store data and where staff know their responsibilities and what to do in any given situation.
If you need any help securing your business, contact New Jersey Computer Help today. We can visit your premises and work with you to protect what’s yours.