Small business networks are often set up under the assumption that they are secure as long as there is some sort of anti-virus program that has been downloaded from the web. While even the free anti-virus programs are quite good at protecting the network, there are a number of ways that this line of defense can be circumvented. The good news here is that many of the steps that small businesses can take to enhance the protection of their networks cost little or nothing but can make a substantial difference.
Here are 3 of them:
- Educate your employees on how they can be manipulated by hackers – The best technical and physical network defenses can be rendered as useless by employees who unwittingly abet hacking attempts into the network. In fact, hackers are increasingly targeting employees as a means of gaining access to corporate networks. To mitigate these risks, provide ongoing education on the methodologies that hackers use to dupe employees into downloading malware codes, Trojan horses, etc. These hacking tactics include phishing, pharming, financial offers, etc.
- Develop a password policy – Employees commonly underestimate the importance of unique and random passwords, often seeing them as a huge inconvenience versus easy to remember codes such as “admin” and “password”. In password-based attacks these easy-to-crack codes, which also include “qwerty” and “abc123” are often the first choice of hackers, leading to illicit system access within seconds. Despite the perceived inconvenience, enact a password policy that requires a combination of small case and capital letters, numbers, and characters. Most hacking programs are based on pronouns and words in the dictionary combined with numbers, meaning that unusual acronyms combined with numbers and characters will take much longer to decipher. This password policy should require password changes on a quarterly basis, at minimum.
- Develop tiered access levels – The networks that are the most vulnerable to catastrophic attacks are those that allow unlimited network access with a single password. The fact is that within any business network, there will be employees that require access to increasingly sensitive information as well as those that don’t. Tiered access, in which additional passwords are required for deeper access to the network, can hinder attacks by putting them back to square one at each tier, especially if each level requires longer passwords with increasing variables.
According to network security experts, employees continue to pose the greatest risk to company networks. By providing ongoing education to employees on how hackers work, setting a state of the art password policy, and tiering access to the network with increasingly complex passwords, you can dramatically enhance your level of security in a very cost effective manner.