Your network security doesn?t even look sort of like this, but it?s okay if you pretend that it does.
Your network may not be as secure as you think it is. After all, a single crack in the dam can bring a flood of malicious software in and, worse, send your private company data surging out. Small and medium-sized businesses are especially vulnerable, as most lack IT staff dedicated specifically to network security.
Here are five surprisingly common ways that business internet networks are compromised.
1. Lackluster Passwords
Despite how often people are told to create strong passwords, many resort to simple, memorable phrases that have substantial personal meaning. These one-word passwords can be cracked almost instantly. Once a single user is compromised, the entire internet network is vulnerable.
Strong passwords should be moderately long (five characters is a bare minimum), include symbols and/or numbers, and include both capital and lower-case letters. For example, while the password ?gandalf? would be cracked instantly, the password ?Gandalf2012!? would take an average computer approximately 344 thousand years to crack.
Institute mandatory password policies. In many content management systems, you can customize the settings to require a minimum level of password strength before the password can be set or changed. It?s also important that newly created accounts don?t come accompanied by default passwords such as ?changeme? or ?password,? as malicious users are on the lookout for temporary gaps in security such as these.
2. Unrestricted USB Drives
It?s understandable that you or your employees may want to bring in files from a USB drive, but it?s also an easy way for hidden malware to get past your network?s security. Restricting thumb drives altogether is an extreme measure that can be avoided if you make some key adjustments to your system.
First, change your computer?s auto-run parameters. Several modern ?worms? were developed specifically for USBs, with the key idea being that the virus would run automatically once the thumb drive was plugged into a system. The exact process for safeguarding yourself from auto-runs will vary depending on which version of Windows or Mac OS you?re running, but the key principle remains the same: Don?t let applications on USB drives run automatically.
Second, ensure that your anti-virus program automatically scans files on USB drives. Many of the mainstream anti-virus programs do this by default, but the precaution is not universal, so check the anti-virus software?s documentation and settings.
Third, don?t allow non-trusted parties plug in a USB storage device. It?s far too easy to plant files or malicious software if you know what you?re doing, so restrict outsiders or temporary workers from using these devices.
3. Firewall and Anti-Virus
It should be obvious that each system needs to have an updated anti-virus program and firewall running. The key element that many small businesses miss, however, is that the programs need to be updated consistently and system scans need to be run regularly. Restrictions on user permissions sometimes prevents these updates, and running a system scan during normal working hours can slow down employees.
The best option is to have a regularly scheduled time to update these programs and run system scans from an administrator account. Generally speaking, you should complete this process at least once a week.
A firewall program should also be enabled on your router to provide an extra layer of protection for your network. Anti-virus software for routers may also be a worthwhile investment.
4.Your Wireless Network Settings
If you don?t yet understand how fundamental it is to use a secured as opposed to an open Wifi connection, you should seriously consider hiring a professional to look at your network. If you are aware that your network at least needs to be sealed off, here are some additional precautions you should take:
- Don?t use the default router name. Default router names give away far more details about your network than you may realize; an experienced hacker can learn your router?s access IP address, default password, and default administrator username just by knowing which company provided the router itself.
- Change the default administrator username and password for your router. Otherwise, anyone who knows your router?s brand can tap into your network.
- Use WPA, not WEP. WEP security is decent for private use, but it is vulnerable to the more persistent breeds of hacker. All professional networks should use WPA encryption.
Once the network is secure, the only other precaution you need to take is not handing the password to anyone who isn?t a trusted member of the company.
5. Email
Spam is annoying for employees, but it?s also one of the most common ways that computers are infected and network security is breached. A good email program and a tested anti-spam program are an absolute must, and setting your anti-virus software to automatically scan all email attachments is generally a wise idea.
Another way email becomes vulnerable is through ?phishing,? where a malicious user attempts to trick a company representative into sending their login credentials. Phishing becomes far more of a threat for your business if an employee has the same username and password for personal accounts as they do for their business email or your company?s online platforms. Implement a policy that usernames and passwords must be unique to the business systems.
These five chinks in the armor are often left unpatched, and the results can be disastrous. By implementing the fixes and security precautions described above, you help to ensure that your business network remains secure and your company information remains safe.
Resources:
http://howsecureismypassword.net/
http://www.secpoint.com/WEP-Crack.html
nfc championship game martin luther king jr quotes martin luther king jr i have a dream speech packers score ricky gervais napoleon dynamite michelle williams
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.