5 Dangerous Myths of Network Security
Criminals love infiltrating small businesses because they can access useful, private information, often with minimal effort. They know many small business owners have a false sense of security regarding technology and, as a result, don’t take the actions necessary to protect their data. What follows are five common myths regarding network security. If you’ve ever expressed any of these thoughts, you might want to re-evaluate your system security.
1. “I have a firewall. Nobody can get into my system.”
Firewalls are vital for controlling system access, but they have their limitations. For example, most firewalls offer little or no antivirus protection. That shortfall can be remedied by installing antivirus programs. Of greater concern is the configuration of your firewall. When you purchase a firewall, all the “locks” and “doors” are set to “open” and must be configured appropriately. Network administrators must have a solid grasp of network protocols and computer security, because even small installation or maintenance oversights can leave a firewall useless against attacks.
2. “My system can’t be infected. I have antivirus software.”
Most antivirus programs do an excellent job of preventing invasions from known threats. The problem is that, depending on who you ask, somewhere between 200 and 1,200 new viruses are detected every month. So, it’s important that employees refrain from downloading applications from unknown sites, opening suspicious e-mail attachments, or using peer-to-peer file sharing sites. It helps to have a “layered” approach to protection by installing antivirus software on your network, your e-mail system, and individual computers.
Downloading antivirus updates and scanning systems regularly are also musts.
3. “My wireless network is secure.”
Wireless networks out of the box are just slightly more secure than walkie-talkies. Many wireless systems can be accessed by hackers stationed in buildings across the street. Proper installation of a wireless network is an important first step. This includes changing the generic administrator password and turning off the router’s broadcasting of the network’s name (known as the Service Set Identifier, or SSID). The addition of Wi-Fi Protected Access (WPA) encryption software also will make a wireless network tougher to penetrate.
4. “Our system is password protected.”
Passwords are to computers as keys are to cars. The lack of easy access might slow a thief, but it won’t necessarily stop him. After all, effective password cracking programs are readily available at no cost via the Internet. How do you fight back? First, enforce a policy that requires lengthy passwords that include numbers, special characters, and both upper- and lower-case letters. Second, ensure that employees aren’t leaving password reminders in obvious places, such as under the keyboard. And third, adopt extra system security—including forced delays—that prevents hackers from testing multiple passwords during short periods of time.
5. “I trust my employees with access to confidential data.”
If this is the case, here are a couple of statistics that may startle you. In one recent study, almost a third of the business people surveyed admitted taking proprietary information when they left their companies. A quarter of the thefts involved MP3 players or memory cards; 18 percent used the company’s e-mail system. Another study of more than 1,000 cases discovered up to 70 percent of identity theft incidents originated internally.
It’s wise to follow President Ronald Reagan’s motto: “Trust, but verify.” Installing software to limit data access and track data usage can help keep private information inside the company.
Don’t wait for an incident to occur before taking network security to the next level. It is also a good idea to talk with your insurance agent or broker about IT risks, as well as insurance products that protect against them. The high cost of repairing crashed systems, replacing stolen data, or defending customer lawsuits makes investments in system upgrades, expert advice, and insurance seem like money well spent.
Article by CNA.