1 / 23

Securing Your Small Business Network

Securing Your Small Business Network. Agenda. Introduction Types of Online Risks Small Business Network Vulnerabilities Calculating the Impact Recommended Security Practices Overview of Symantec Solutions. 1. 2. 3. 4. 5. 6. The Internet Has Changed Business Forever.

kenaz
Télécharger la présentation

Securing Your Small Business Network

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Securing Your Small Business Network

  2. Agenda Introduction Types of Online Risks Small Business Network Vulnerabilities Calculating the Impact Recommended Security Practices Overview of Symantec Solutions 1 2 3 4 5 6

  3. The Internet Has Changed Business Forever • Turn back the clock 10 years… • Did you have an email address? Web access? A Web site? • The Internet has redefined business dynamics • 48% of small businesses in the U.S. have Web sites • 163 million Americans have an email address • 185 million Americans use the Internet • The good news is that you can: • Gather information more quickly • Increase communications with your customers/vendors • Transact business more efficiently Sources: Pew Internet Survey 2004, Computer Industry Almanac, 2004Kelsey Group, 2004

  4. The Bad News: Computer Security Risks • Did you realize that you open your business to potential risk whenever you… • Download something from the Web? • Open an email attachment? • Leave your computers connected to a broadband connection? • Insert removable media (CD-ROM, DVD-ROM, flash drive) into one of your business’s computers? • Access the Internet wirelessly? • Let a guest user onto your business network? The security of your business is up to YOU!

  5. The Impact of Poor Security • Over $11 billion in damages worldwide • Between just a few months: Feb. 2004 and May 2004 • From just MyDoom, Netsky, Bagel, and Sasser virus outbreaks Source: Computer Economics, Inc. June 2004

  6. The Impact of Poor Security • U.S. CSI/FBI Survey (among 269 respondents) * • Estimated total loss of $141 million due to virus outbreaks in 2003 • 19% in small businesses with <100 employees • $524K average loss per respondent • Attack types and percent experiencing them • Virus outbreaks 78% • Internal abuse of Web access 59% • System penetration 39% • An estimated 57MM Americans have received emails from “phishers” (Gartner, May 2004 survey) • Cost of phishing attacks to U.S. banks in 2003 $1.2b (Symantec) * Source: CSI/FBI Computer Crime and Security Survey, 2004

  7. What Are You Up Against?Types of Risks • Malicious Code • Worms, Viruses, Trojan Horses • Hackers • Information theft/Privacy Violations, Spyware, Phishing, Denial of Service, Application Vulnerabilities • Time Wasters • Adware, Spam Email, Popup Ads, Data Loss

  8. What Are You Up Against?Malicious Code • Virus • A malicious program that attacks PCs and Macs by infecting other files on the computer • Worm • A malicious program designed to spread itself to as many other computers as possible via the Internet, sometimes taking over the victim’s email address book • Trojan Horse • A malicious program that pretends to be a useful or friendly program, such as a screen saver, game or other type of utility The “Blaster” worm alone inflicted $1.3 billion in damageto U.S. Businesses in 2003 Source: SecurityFocus

  9. What Are You Up Against? Hackers • Privacy Violations • Intrusions into your business’s computer systems for personal information belonging to you, your company or your customers, often credit card numbers • Spyware • Small applications that monitor your Web usage and report it to a marketing service • Key stroke loggers that capture data and steal passwords • Phishing • Fraudulent schemes in which a hacker pretends to be a legitimate company or authority to get you to reveal personal information willingly • Denial of Service • An attack that ties up a Web server so that your customers, vendors, and partners can’t access your site 70% of businesses reported at least one security breachfrom external sources this year Source: CSI/FBI Computer Crime and Security Survey, 2004

  10. What Are You Up Against? Time Wasters • Adware • Software that displays banner ads even when the host computer is not connected to the Internet • Spam, Popup Ads • Spam email: unsolicited email, often sent under false pretences • Popup Ads: ads that open in a new browser window on top of the Web page you were viewing As much as 65% of all email traffic in 2004 is spam Source: Symantec/Brightmail, 2004

  11. Program Viruses Macro Viruses E-mail Worms Network Worms Flash Worms Contagion Period Evolution of Virus/Worm Threats • We’ve reached an inflection point where the latest threats now spread orders of magnitude faster than our ability to respond with traditional technology months days Contagion Period hrs mins secs 1990 Time 2005

  12. Blaster razed networks just27 days after the vulnerability was publicly disclosed! At its peak, 1 out of every 12 emails was infected with MyDoom! Threat Sophistication Code Red doubled its infection rate every37 minutes. Slammer doubled every 8.5 seconds, and infected 90% of unprotected servers in 10 minutes!

  13. Understanding Your VulnerabilitiesInternet Gateway

  14. Understanding Your VulnerabilitiesFile Server / Mail Server

  15. Understanding Your VulnerabilitiesDesktop

  16. Understanding Your VulnerabilitiesRemote Users

  17. Calculating the Impact on Your Business • How to calculate the cost of a virus infecting your network and damaging your information • List the number employees in your business • Calculate an average hourly compensation per employee • Think about what files and work might need to be re-created after a loss: customer database, client reports, project files, and schedules, contracts, etc. • Estimate the amount of time required to re-create lost databases, financial files, and other work per employee • Multiply the time required by the number of employees affected by the average hourly compensation • This is the cost of one virus damaging desktop files one time only – It doesn’t include the cost to have your software or hardware professionally repaired or replaced.

  18. Calculating the Impact on Your Business

  19. Recommended Security Practices • Prevent infection with antivirus software • Install antivirus on all desktops, laptops, and servers • Check for virus definitions daily or set for automatic updates • Stop intruders with a firewall • Use a firewall on all desktops, laptops, and servers • Stay on top of security updates • Deploy security patches and fixes as soon as they are available • Use the latest operating system versions • Create strong passwords and change them frequently • Don’t allow Web browsers to remember passwords/private data • Open email responsibly • Scrutinize attachments before opening them; avoid ones with unusual extensions • Don’t open or reply to unsolicited mail

  20. Recommended Security Practices, cont. • Browse the Web with caution • Don’t ever give personal information to a Web site unless you see a small padlock or key icon in the browser’s toolbar • Don’t type confidential information in Instant Messaging/Chat programs • Back up regularly • Back up vital data daily and store critical backups offsite • Make remote connections secure • Require remote users to use antivirus and firewall software • Use a Virtual Private Network (VPN) • Lock down wireless networks • Install a firewall at the wireless access point • Ensure the physical security of your equipment • Never leave wireless devices unattended • Use the screen locking feature when you leave your computer

  21. Symantec Small Business Product Line Desktop and Server Protection Point Products Suites/Integrated Additional Tier Desktop Protection

  22. Who is Symantec? Global leader in information security • #1 global leader in antivirus and antispam software* Offers a broad range of software, appliances, and services for: • Home and home office • Small and mid-sized businesses • Large enterprises Operating in over 35 countries worldwide • Insight from monitoring a sensor network of more than 20,000 corporate customers, and millions of personal PCs • ** Sources: IDC – Secure Content Management 2004-2008 Forecast Update and 2003 Vendor Shares; Aug 2004 • Worldwide Antispam Solutions 2004-2008 Forecast and 2003 Vendor Shares December 2004

  23. Thank YouQuestions and Answers

More Related