The increasing complexity and business security demands of current network architecture have made network security a key part of infrastructure management. Malware is becoming increasingly sophisticated in both it’s delivery vectors and its form, and external attacks on the corporate network in attempts at industrial espionage and intellectual property theft are increasing in both number and character.
Business Security is now big business, and a comprehensive business security environment is an imperative for most corporates. To ease the burden on hard-pressed ICT departments, there are a number of cybersecurity tools that can assist. Most experts agree that there is no single approach or application that will provide the best security and that a defence in depth is the best solution.
In addition, the FBI state that the greatest cyberthreat sits between the screen and the desk. Effective cybersecurity tools are not just hardware and software.
- Over 14 Million businesses were “hacked” in the US in 2016
- Over 60% of all small businesses that have been hacked go out of business within six months.
Investing in Cybersecurity is not an option.
One cautionary. Many tools, while professing to be designed for the business market, are developments of home security systems. They are not industry strength tools. A proper evaluation process is needed before selecting and installing corporate cybersecurity software and hardware.
While the tools that are best will depend on an organisation’s ICT environment, here are 3 tools that every business should consider. They are not just hardware and software.
As noted above, most malware attacks happen because of user error. It is vital to have a workforce educated in cybersecurity practices, reinforced with regular updates. Make it a part of the induction process to begin that education process and follow it up with update sessions and regular email notifications of current malware threats.
There are educational tools available to assist in the process. Specific areas include:
Password Management and Management tools
Users should understand the importance of regularly changing their password. They should also understand the importance of selecting a strong password and not writing it down where it can be easily seen.
Password vaults such as 1Password can be used as a secure repository for passwords, removing the need to remember them or writing them down.
Some network management environments specify time limits for the validity of passwords, forcing a change after a set interval. They can also force password structure, for example a minimum length, a mixture of lower case, upper case, numbers and special characters. The IT Department should implement this.
All desktops, and ideally all smart devices accessing the corporate network must host anti-malware software. The software and malware signature files should be updated from a central location and the user should not be able to disable it.
A recent industry review of anti-malware software has put TOTAL AV at the top of the list for anti-malware offerings.
It includes anti-malware protection, VPN support, phishing URL detection, ID Protection, a browser & disk cleaner and more in in the compact package. It presents an easy to use software design. In addition to the usual server and desktop protection, it will protect all your mobile devices including smartphones & tablets.
Information and Detection
The old adage is that “knowledge is power”. In terms of corporate networks that translates to vigilance and a continual monitoring of network activity to detect possible malware and external attacks.
There are both corporate and desktop applications to provide that information.
For the desktop Windows GodMode is a good place to start. Simply put, it collects links to all the management tools (over 200 settings and tools) in a single desktop folder, tools that are normally scattered throughout different parts of Windows. Getting to activity logs, network performance graphs and so-on is now a lot easier. Also consider education in how to interpret the information presented.
In the corporate environment, industrial strength management and monitoring tools are needed. Obviously, comprehensive security systems such as Symantec or McAfee are needed to provide the overall security environment.
To provide the in-depth aspects, further applications are needed:
The first step is network intrusion detection tools.
An Intrusion detection system (“IDS”) is a system that detects vulnerability exploits against targets, usually either applications or systems. It comes in the form of a network device or software application used by network admins to monitor the network for any unusual activity that could indicate malicious activity.
A reporting component alerts the admin when such activity is detected.
IDS is available for all environments.
The second step is to block suspicious websites.
Many anti-malware applications, and increasingly browsers will block access to websites considered “dodgy”. This option should be enabled and users not able to proceed to these websites.
The prose of security is eternal vigilance. Fortunately, software and hardware is there to help.