Stop Hackers, Crackers, and Spyware


Do you think a router or
firewall makes you safe from hackers? Not necessarily. Do you think they won’t
attack you because your business is so small? Don’t count on it. Hackers might
pirate your broadband address and use it to hack others, store illegal
information, or test the latest trojan.

 

The checklist that follows will
help you protect yourself against determined hackers and the many problems they
can cause.

 

Create a written security policy. If you
own your own business and have employees, tell them in writing what they can
and cannot do on the Internet. Employees should know ahead of time that
downloading music, movies, and the like will get them into trouble; in some
situations, that can even be illegal, and you could be responsible. And of
course they should be mindful of the fact that downloads can carry hidden
viruses.

 

Do quarterly or monthly vulnerability assessments. More than 300 new
vulnerabilities (aka bugs in software or hardware) arise every month, and any
that you fail to fix will provide an open door for hackers. With freeware and
commercial tools readily available via sites such as www.nessus.org,
www.eeye.com, and www.qualys.com, it’s foolhardy to skip this step.

 

Patch. Make sure you regularly download the most recent
patches for your systems.

 

Divide information into groups. Internal
hacking is even more popular than external hacking. If you have sensitive
information on your servers, you might want to build separate zones for it behind
your firewall. Not everyone should be able to see human resources files or
client information. Put your Web site in a separate zone behind your firewall
too. Hackers can attack via an exposed Web site.

 

Filter content. Filtering cuts down on
liability and increases productivity. If your employees view certain Web sites,
they may be creating risks of lawsuits, spyware, and viruses. If they download
something, it could be a trojan, virus, or other malware that could throttle
down your business. And don’t just block questionable sites. Remember, most
online purchases occur between 9:00 a.m. and 11:00 a.m.—prime-time work
hours. You could curb this activity and make online shopping opportunities a
benefit instead of a right by allowing staff to surf during lunch hour but not
at other times. Most users waste an hour a day surfing the Internet, which
could cost a company with 25 employees up to $150,000 a year in productivity.

 

Use server/workstation antivirus and firewall antivirus programs.
About 98 percent of businesses have antivirus (AV) on
their servers and workstations. Make sure all your servers and workstations
have updated AV as well as firewall AV, which is now available on most
legitimate firewalls. Since viruses can shoot through the firewall, why not
stop them there instead of letting them into your network, where they could
attack an unpatched or non-updated workstation? It pays to be paranoid.

 

Use log reporting. Would you like to
know where users are going, what type of bandwidth they’re using, and whether
anybody is hacking into your sites? Many tools can take system logs and put
them into graphic reports. With these reports, you can spot problems, including
excessive bandwidth use or visits to questionable sites, and determine what to
do about them.

 

Install antispam and antispyware programs.
Spyware is out of control. A recent survey of 3 million computers found 83
million instances of spyware, usually traceable to downloads from the Web.
Stopzilla, SonicWALL, and many other fine antispam and antispyware solutions
are available. Make sure you verify that yours are constantly updated.

 

Securely connect your telecommuters and road warriors. They could be your
weakest link. Hackers can compromise a remote worker’s machine and traverse
back into the corporate network. Low-cost solid-state ICSA
firewall hardware may well be your best solution (see www.ICSAlabs.com).

 

Secure wireless access points. Wireless
access points create huge vulnerabilities in most networks. What looks like a
great firewall solution isn’t so great if it has a wireless router behind it.
Wireless routers are easy to hack, and they’re usually set up without security.
Although most companies have policies banning wireless, it’s easy for employees
to find rogue access. Secure wireless access points are available, and worth
what they cost.

 

Update firewalls. Don’t think of the
firewall as plug-and-play. It has to be constantly updated to thwart the latest
attacks, outbreaks, and intruders. Most vendors have aggressive promotions for
their newest firewalls, and you should take advantage of them. Using an older
firewall, a freeware firewall, or a basic hardware firewall that the vendor
isn’t updating with firmware isn’t secure enough.

 

Install intrusion-prevention software.
Since no firewall can stop everything, intrusion prevention software (IPS) and
intrusion detection software (IDS) are imperative. IPS/IDS solutions are
usually updated rapidly and add another layer of protection to your
environment. You need them for remote workers too. Basically, using them means
hiring an outside team of security engineers to update your firewall and repel
constant attacks.

 

Companies that provide Internet
security for small and medium-sized businesses include:

 

· www.sonicwall.com
· www.watchguard.com
· www.juniper.com

 

Three More Things

 

Redundancy is always needed. You
can’t rely on one connection to the Internet or one firewall. If your firewall
fails, it should fail over to another firewall; if the broadband dies, it
should fail over to another broadband or dial-up connection. Think of this as
insurance. Businesses need to run smoothly, and with technology costs dropping,
it makes economic sense to use these safeguards to avoid the risk of losing
customers or sales.

 

Good luck.

 

Fear the unknown.

 

Mike Wysocki has been in
Internet security sales for five years. This checklist is derived from one he
uses to help clients. You’re invited to fill out a questionnaire about your
career for a book he is working on; visit www.careersbythepeople.com to share
your experiences.

 

 

©2016 Independent Book Publishers Association
