Last time, we looked at some reasons to start thinking about cybersecurity for your business. You may have found yourself asking, “Ok, how can I protect myself?” Below is a high-level overview of three fundamental aspects of cybersecurity, as well as some resources for further study. This technology doesn’t take a genius to understand, just a little patience and willingness to learn. Your business’s survival may depend on it.
Firewalls
“Firewall” may be a term we are all familiar with, but many of us don’t know what exactly a firewall is. According to cisco.com, “A firewall is a network security device that monitors incoming and outgoing network traffic based on a defined set of security rules.” Basically, a firewall will use filters to keep certain pieces of information out of your network. Most firewalls will let you choose which filters you want. In a post on their website, Comodo explains that firewalls can be configured to “prevent access to certain websites,” “prevent employees from sending certain types of emails,” and “prevent outside computers from accessing computers inside the network.” Some operating systems have firewalls built-in, including Mac OSX and Microsoft Windows. According to Microsoft, setting up a firewall is “the most effective and important first step you can take to help protect your computer.”
Firewalls can often act as your router, and even have “more advanced features that are designed to offer a superior level of [defense],” as opposed to a normal router, according to Manx Technology Group. For this reason, they recommend a firewall for a small business, rather than a traditional router. MTG goes on to list various features you will want when choosing a firewall. These include:
- “Internet connection support”
- “Wireless support”
- “Antivirus”
- “Intrusion Prevention Service”
- “Web filtering”
- “Reporting”
- “Virtual Private Networks (VPN)”
- “Technical support”
Popular vendors of firewalls include Cisco, Fortinet, and Sophos.
Antivirus software
Geeks On Site offer the following explanation of antivirus software: “Antivirus software, sometimes known as anti-malware software, is design to detect, prevent and take action to disarm or remove malicious software from your computer such as viruses, worms, and Trojan horses.” They go on to list the three scanning detection processes antivirus software uses:
Specific Detection, Generic Detection, and Heuristic Detection. Specific Detection “works by looking for known malware by a specific set of characteristics.” Generic Detection “looks for malware that are variants of known ‘families,’ or malware related by a common codebase.” Heuristic Detection “scans for previously unknown viruses by looking for known suspicious behavior or file structures.”
In a March 2007 article for TechRepublic, Erik Eckel lists 10 thing to look for in an antivirus application. These were:
- “Potency”
- “Low overhead”
- “Centralized administration”
- “Email protection”
- “Compatibility”
- “Effective reporting tools”
- “Technical support”
- “Certification”
- “Simplified licensing”
- “Reasonable cost”
Techradar offers suggestions on which antivirus software to use for your business: http://www.techradar.com/news/best-business-antivirus-8-top-paid-security-tools-for-small-businesses
Data backup
Losing data can be the ultimate business killer. According to atlantatech.net, “the cost of lost or stolen data access is estimated at $1.7 billion per year,” industry-wide. Backing up your data is the simplest step you can take to avoid these huge costs. In a 2014 article for CIO, Paul Mah advises that businesses use the “2+1” strategy. “For critical data,” he says, “businesses should make two full copies, maintained on separate physical devices. In addition, a third copy should be kept offline, preferably stashed at another location.” He points out that having one copy in a different location “protects a business from fires, floods and other localized natural disasters.”
Cloud backup solutions are gaining traction among small business owners these days, with companies like Carbonite, CrashPlan, and Backup Blaze being major players in the field. The previously mentioned Atlanta Tech article gives the following as factors to consider when choosing a cloud backup provider:
- “Is Public, Private, or Hybrid Cloud the Best Bet for Your Business?”
- “Which Type of Backup Schedule is Best for You?”
- “Do They Offer Sufficient Flexibility for Your Storage and Scalability Needs?”
- “How are Their Uptime Guarantees?”
- “Do They Offer Sufficient Data Security and Compliance?”
- “Do You Have Adequate Bandwidth?”
- “Is There an Opportunity for Unified Business Communications?”
While cloud backup is the hip thing to use, Paul Mah recommends tape storage technology for your backup.
There are plenty of options out there for Cybersecurity. It all may seem a little overwhelming at first, but the important thing to do is educate yourself. Below, I’ve listed some resources that can be very useful in learning what security you need, how that security works, and what the options available are. Be sure to check them out, and ask your SBDC counselor about the Cybersecurity Workbook.
For further reading:
https://www.techrepublic.com/article/10-things-to-look-for-in-an-antivirus-application/
http://www.techrepublic.com/blog/10-things/10-things-to-look-for-in-a-hardware-based-firewall/
https://www.comodo.com/resources/home/how-firewalls-work.php