Australian small and mid-sized businesses (SMB) are becoming more aware of the increasing need to secure and protect their IT devices from exposure. Endpoint devices, such as mobile phones, PDAs, desktops, servers and laptops that are vital to a business’ operations are being targeted by electronic attacks designed to compromise and steal company data. Threats are becoming more sophisticated and targeted toward these endpoint devices and at the same time, as many Australians take on a ‘sea’ or ‘tree change’, they are demanding increased flexibility and access into the network via remote, VPN, Web-based or telecommuting devices. When you add regulatory compliance mandates to the equation, SMBs are finding they must scramble to implement, monitor, and enforce controls that protect these critical IT devices.
How can SMBs protect themselves and their customers? The following five tips for securing endpoints will help build a strong defense against the increasing stream of electronic attacks and threats:
1. Use Layered Security
Deploy defense-in-depth strategies for employees and other end users, including an integrated endpoint security solution and security patch updates. Antivirus definitions and intrusion prevention signatures must be updated regularly, and all desktops, laptops, and servers should also be updated with the necessary security patches from the operating system vendor. Consider deploying a personal firewall to help control network traffic to the endpoint device. Also, make sure to enable the security settings on Web browsers and disable file sharing.
Additionally, teach users to develop strong passwords with at least eight characters and a combination of numbers, letters, and special characters. Change all passwords every 45-60 days to make it more difficult for intruders to access your data.
2. Implement a Network Access Control Solution
All network-connected computers and inbound/outbound traffic should be monitored for signs of unauthorised entry and malicious activity. Ensure any infected computers are removed from the network and disinfected as soon as possible. Also, create and enforce policies that identify and restrict applications that can access the network.
To ensure they have the latest protection, SMB’s should apply operating system and security software updates and patches as soon as they are released. In order to protect against successful exploitation of Web browser vulnerabilities, upgrade all browsers to the latest versions.
3. Stay Informed
Several companies publish reports that help define the threat landscape for SMBs. These reports can be found on the various company’s websites or through online searches. This is a great way to stay informed about the threat landscape so you know what you’re up against.
Spam is the leading source of malware (‘malicious software’) entering networks today. Spam not only diminishes productivity, it also puts a strain on storage and bandwidth requirements. Deploy antispam technologies at the mail gateway to proactively protect your environment.
4. Don’t Forget Physical Security
There are a number of routine physical security tactics SMB employees can use to help strengthen their companies’ security defenses. These include using the screen-locking feature when away from the computer, shutting the computer off when done for the day, locking laptops with a cable, not leaving passwords written down, and being mindful of physical security of PDAs and handheld devices, which are a popular target of thieves.
5. Back Up Data
For any number of reasons – disaster, human error, hardware failure, etc. – your IT system could be brought down. It is critical to back up important data regularly and store extra copies of this data off site. Since tapes containing confidential customer or business data may be lost or stolen in transit, encrypting those backup stores is a good idea.
A well-executed endpoint protection strategy provides companies with the confidence that their corporate assets are protected and their business infrastructure is secure. By following these five tips companies can build a strong defence against these sophisticated and targeted attacks.
For more information, visit a new portal dedicated to our SMB customers: www.symantec.com/ap/SMBOneToOne. Alternatively call us on 1800 000 423 (Aus) / 0800 697 962 (NZ)
