Five Ways for Businesses
to Tighten Network Security

In my last column, I discussed how businesses are increasingly exposed to the threat of security breaches in today's "wired" workplace. Small companies are no less vulnerable than large ones and all need to take precautions to protect their information-based assets.

Network security is a blend of individual practices, policies, hardware and software. Each business has its own technical complexity and accompanying risk level.

To protect your company, you need to analyze your procedures and identify where you're exposed the most. From there, you can select the right products and implement the appropriate policies to meet your needs.

There are basically five key areas to consider: physical security, anti-virus software, a firewall, virtual private networks (VPNs) and biometrics.

Physical security is the most basic and most important aspect of network protection. Regardless of how technically sophisticated, if users do not follow the basics of physical security, the rest of the system is vulnerable.

Using passwords to prevent unauthorized access to specific applications and accounts is absolutely necessary. Passwords should be complex to help make them more secure. Too often, users pick their own passwords, using predictable patterns such as the names of their pets or their spouse. Clearly, these predictable log-ins are easy to hack. However, when passwords are complicated — perhaps a unique string of numbers and letters — users tend to forget them and tape the password under the keyboard or onto the side of the monitor. Either way is equally unsuitable. Password policies and procedures must be documented, implemented and monitored. Additionally, network servers should be physically secured in a server closet with limited access. All sensitive documents should be shredded to prevent security leaks that come from practices such as dumpster- diving.

Anti-virus software is the next basic level of necessary protection. If you have Internet, you have exposure. Viruses are annoying, frequently destructive and happen every day. Server managed antivirus solutions are preferred for companies that a server. for stand alone workstations, anti- virus software (Symantec, McAffee) at approximately $50 per user, you will save yourself numerous headaches and problems. Of course, the software should be updated at least weekly (there are free Internet-based updates) to insure that the most current viruses are being detected.

Firewall: Companies with dedicated connections to the Internet, such as broadband or a dedicated data line such as a T-1, should also consider a firewall product.

A firewall is a software solution that provides basic protection from intrusion and attacks.

Hackers come in all varieties, ranging from unknown outside sources to internal employees who are disgruntled and possibly malicious. Either way, access to your network via the Internet must be limited, monitored and protected. The cost of firewall hardware can range from the low $100s to tens of thousands of dollars. a Popular small business product is the Cisco Pix starting at around $500. The best protection for small companies is a combination of anti-virus software with a firewall.

Virtual private network: More sophisticated technical environments such as multiple site accessing and sharing network resources should consider a virtual private network that creates a secure tunnel from one location within an organization to another over the Internet.

VPN ability is integrated in many firewall solutions. The more robust the hardware, the more likely it will have features such as intrusion detection and encryption, which provide additional protection. Recent Microsoft products such as Windows 2000 and Windows XP are built to support firewall and VPN environments and include encryption.

Biometrics: At the most advanced level, companies with very sensitive data will use all of the above and add biometrics for security protection. Biometrics software uses physical evidence — e.g., fingerprints, retina identification — to confirm the identity of the user. This technology is still too new and too expensive to be considered now; but it's safe to say that within the next few years, prices will come down and more products will be available to make this cutting edge security protection more common in the workplace.

In an all-perfect world, a discussion about information security wouldn't be necessary. But in today's imperfect world where technology rules, woe to the business manager who doesn't take every precaution when it comes to protecting his or her information assets.

< Back to Small Business Technology Articles