130 likes | 248 Vues
Small Business Security. Keith Slagle April 24, 2007. Why is this important to you?. Many computer scientist who come out of college start their own businesses
E N D
Small Business Security Keith Slagle April 24, 2007
Why is this important to you? • Many computer scientist who come out of college start their own businesses or work in smaller, startup companies where there is little, if any, network security for the company and the resources are limited.
Small to Medium sized businesses are more susceptible to hackers and other infections because of the lack of resources to protect the company from the outside. • The devastation of an attack on a small or medium sized company can shut down all operations and result in massive losses.
Small Business Computer Security Checklist • Protect your desktops and laptops • Keep your data safe • Use the internet safely • Protect your network • Protect your servers • Secure your line of business applications
Protect your desktops and laptops • Update your software (Windows has the option to update automatically or you can check on your own) • Protect against viruses by using anti-virus software and others. (Norton, McAfee, etc.) • Set up a firewall on the individual workstation
Keep your data safe • Implement a procedure to back up your critical data. (full or incremental) • Establish permissions for the users. Set up group permissions as well as administrative rights. • Encrypt sensitive data to ensure confidentiality and integrity of data. Only authorized users have the tools to decrypt the data.
Use the internet safely • Establish an internet policy that should include: • The use of the internet for personal use (if at all and what times are appropriate) • The company’s monitoring of the system • Web activity that is not allowed such as illegal activities and pornography.
Protect your network • Use a firewall to protect your company’s network, not just the individual workstation. • Require the use of strong passwords. (Don’t use your birthday or middle name!) • Close unused or unnecessary network ports by using dedicated firewalls, host-based firewalls or Internet Protocol Security filters.
Protect your servers • Keep your servers in a safe place so they are not vulnerable to physical calamities. Practice Least privilege policy when giving users access to the server. (Don’t make all users admins!!!)
Secure your line ofbusiness applications • Line of Business Applications: specialized business programs for accounting tasks, running point-of-sale systems, tracking inventory and managing supply chains. • Pay special attention to database security by installing DB service packs, assessing the DB’s security, and isolating it and backing it up on a regular basis.
Computer Threats,What to Focus on First • E-mail: Lose sleep over attachments, not spam • Viruses, worms, & “phishing” • The Internet: Fear downloads before pop-ups • Viruses, Spyware, & Adware • Data Protection: Worry about backups before hackers
Risk Management & Layers of Security • First, don’t try to protect everything, because that is impossible, pick what is most important to you to secure. • Apply layers of security, by establishing a strong firewall to protect the company network, use strong passwords, and encrypt data to help stop hackers from getting into your network.
Sources • “10 commandments of security for small business.” ITNews.com. 2004. 20 April 2007. <http://www.itnews.com.au/newsstory.aspx?CIaNID=17248> • “Computer Threats: What to Focus on First.” Microsoft Small Business Center. 20 April 2007. <http://www.microsoft.com/smallbusiness/support/articles/computer-threats-what-to-focus-on-first.mspx> • “Small Business Computer Security Checklist.” Microsoft Small Business Center. 20 April 2007. <http://www.microsoft.com/smallbusiness/support/checklist/default.mspx> • Spafford, George. “Sensible IT Security for Small Businesses.” SmallBusinessComputing.com. 2005. 20 April 2007. <http://www.smallbusinesscomputing.com/webmaster/article.php/3490406> • “What You Can Do to Manage Network Security.” Microsoft Small Business Center. 20 April 2007. <http://www.microsoft.com/smallbusiness/support/articles/what-you-can-do-to-manage-network-security.mspx>