ccny blog network security for small business

The 9 Steps to Network Security for Small Businesses

Small Business Owners: It’s Time

There are two main reasons why business owners are not taking proper steps to protect their networks; one reason is known as “security fatigue,” and the other reason is essentially denial. Security fatigue happens when cybersecurity becomes so overwhelming that business owners abandon practices altogether. Security is always changing and attacks are becoming more sophisticated, so some feel that their efforts are futile.

When business owners are in denial, however, they believe that they are not at risk of an attack. According to a poll, about 87 percent of small business owners do not feel that this is a legitimate threat. That same poll says that just 69 percent have measures in place to prevent attacks. These statistics leave an alarming number of small businesses without any intrusion detection/ prevention at all. Now let’s be clear here, data breaches are a real possibility for all companies, in all industries.

We understand that securing company networks, data, applications, and sensitive information can be terribly overwhelming. It can be even more stressful when customer information is on the line. As technology becomes more and more centralized in our businesses, our need for security becomes even greater. However, network security does not have to be as elaborate as you may think. While it is critical, it can be easily implemented and maintained.

9 Simple Steps to Network Security

1.Limit Your WiFi Range – Limiting your WiFi range is a simple way to help improve your network security. Having a WiFi range that extends further than your immediate building leaves your network more exposed to hackers. It may not seem like a likely issue, but it is more common than you may know.

2.Install a Firewall – A firewall is a very simple and manageable way to protect your network. Having a dedicated firewall allows for more in-depth inspection of packets entering your network. This helps to ensure a safer network for all employees, without creating a bottleneck for bandwidth.

A Fortinet Fortigate is a popular choice for business networks. They offer an array of security enforcement technologies and fight against advanced threats.

3.Physical Security – It can be very useful to keep your network infrastructure behind locked doors. Studies have found that the majority of breaches have been performed by employees – both intentionally and unintentionally. It can be best to keep network infrastructure off limits to anyone that does not need direct contact with it.

4.Educate Your Employees – Because inside accidents are so common, it may be beneficial to spend one day a quarter teaching best practices. This includes educating employees about opening certain emails, where to save company and customer data, spam filters, and clean desk policies, among others.

A clean desk policy means all employees keep company and customer data off of their desks when it is not being used. Any visitor, or even employees from other departments should not have the opportunity to view sensitive information.

Password training can also be beneficial. Not only is it important to not write down passwords, it is also helpful to use complex combinations and to change them frequently.

5.SSL and Encryption – Most businesses today have a website. If financial information passes through a website, it is up to the business to do their due diligence and protect that data to the best of their ability. A very easy way to kick this off is to enable SSL through your hosting provider. SSL stands for Secure Socket Layer and it ensures that everyone using your website has end to end (browser to server) encryption of their communication. This helps to protect against loss of data through packet sniffing.

6.Have a Centralized Accounting Server – In a world where over 80% of small businesses and over 60% of large businesses have reported being successfully hacked (according to cbsnews.com) it is vital to ensure timely forensics once an attack occurs. A centralized accounting server maintains logs from all devices on the network and can be used to determine the point of entry for an attacker, as well as their information (if the system isn’t compromised). These files are essential for damage control and future preparation.

7.Captive Portal on Access Points – Implementing captive portal for guest users on your network is a simple way to relieve some potential responsibility. This is done by ensuring guest users read and agree to an AUP (acceptable use policy) which explains acceptable use on your network. If a guest then uses your network to commit a crime in some way, your business is no longer liable for their actions.

8.Avoid BYOD – All management and employees should avoid using their personal devices for work. When office workers use personal phones, tablets, laptops, etc. at the job site, they open up the network to a number of threats. When connecting outside devices to the company network, it is then exposed to any viruses and threats that they may have been carrying. Likewise, when an employee brings work home on personal phones and computers, they compromise the work to the low level of security on their home network. Employee devices should not be connected to the company network and company work should not be brought home. This can leave a network very vulnerable.

9.Anti-virus and Automated Software Updates – Researching and installing proper antivirus is a great way to protect your network. Attacks can be hiding in all kinds of places and antivirus makes it just that much safer to visit websites and open emails.

Automated software updates are another helpful networking practice because it ensures that you are running the latest versions. Software updates often include patches to any issues in previous versions. This can include security leaks and holes. These updates run in the background, and even while you don’t notice that they are happening, they can be protecting your data.

CCNY Tech has a variety of products from some of the top names in the industry! We supply servers, networking, and storage equipment, along with custom configurations. Check out our site or call our team to learn more about our products and services! Visit our website to learn more at ccnytech.com.

Posted in