This is the third in a series of twelve articles written by Orthus for the non-technical managers at small to medium sized companies who operate smaller networks and may lack a sophisticated in-house information technology department. Step 3 – Install & Miantim Anti-Virus Programs Cost: Low – Site licenses are available Technology skill level: Low to medium depending on selected approach Participants: Everyone using the network devices Why do it? Anti-virus programs are a low-cost means of protecting your systems and information from external threats. Viruses (malicious code embedded in files) exploit vulnerabilities within the technology environment, and the number of identified vulnerabilities has doubled annually since reporting was initiated in 1988. Vulnerabilities exist in every aspect of the hardware and software available in today’s marketplace. The most widely publicized viruses are transmitted via e-mail attachments, and infection is initiated when they are opened. Viruses can infect a computer in many ways: through floppy disks, CDs, e-mail, websites, and downloaded files. When you insert a floppy disk, receive e-mail, or download a file, you need to check for viruses. Anti-virus (AV) programs look at the contents of each file, searching for specific characters that match a profile or pattern–called a virus signature–known to be harmful. For each file that matches a signature, an AV program typically provides several options, such as removing the offending pattern or destroying the file or e-mail attachment that contains the virus. When AV program vendors learn about a new virus, they provide an updated set of virus signatures, which must be loaded onto each machine to catch new problems. Automatic update options can be activated for individual machines. What Happens without Anti-Virus Protection? Intruders have the most success attacking any computer when they use viruses as the means for gaining access. Installing an AV program and keeping it up-to-date are among the best defenses. When a machine is infected, software can be disabled and data destroyed, and the affected machine will attempt to infect other machines, consuming available communication bandwidth, choking networks, and overloading servers. Protection is needed at each machine. Getting Started Install anti-virus software on every machine and keep the signature files current through automatic or manual updates at least weekly. Renew the automatic update capability annually as required to maintain a current virus signature file on every machine. DO NOT connect to the Internet without first activating an AV program. Educate all computer users to remove or destroy infected files identified by the AV software. Make sure they know how to remove their machine from the network and who to call for help if they suspect an infection. Educate all e-mail users not to open e-mail attachments from unexpected and unknown sources (see Step 2) to avoid unleashing a new virus not yet blocked by the AV program. Additional Steps Enable the AV program to automatically check every file source on each machine when it is used (CD, floppy, etc. ). Require periodic AV examinations of all files on a regular basis, preferably weekly, to catch problems missed at other checkpoints.
James Tanner is an Analyst at Orthus, a leading professional services firm focused on helping organisations globally to secure their technical environments and manage risk. For more information please visit www. orthus. com or contact Orthus (EMEA) at 1 Lyric Square, London, UK, +44 (0)203 170 8955
Continue reading A 12 STEP PROGRAM TO SECURING YOUR SMALL-TO-MEDIUM SIZE BUSINESS: STEP 3
This is the fifth in a series of twelve articles written by Orthus for the non-technical managers at small to medium sized companies who operate smaller networks and may lack a sophisticated in-house information technology department. Step 5 Remove Unused Software and User Accounts; Clean Out Everything on Replaced Equipment Cost: Minimal – No additional investment Technology skill level: Low to medium Participants: Technical support Why do it? Computer systems are delivered with a myriad of options, many of which you may never use. Also, the installation process is designed for ease and not security, so functions that are major security problems are often activated, such as remote file sharing. Software that is no longer used will not be maintained and should be removed from the computer systems so that it cannot be used as a way for attackers to harm your systems. Every user of the computer system should have a unique account that limits access to the data and software they need to do their job (see Step 1). When they leave or change functions, the access capabilities need to be terminated or adjusted to meet the new job. Standard management techniques, such as separation of duties, need to carry into the electronic environment to limit the risk of one individual causing harm to the business. A tremendous volume of data can be stored on disk drives, and this information is not removed when the files are deleted. Additional data is stored in temporary files used by software on the computers. Anyone can retrieve this information by accessing the disk through another computer. For equipment that is removed and repurposed, discarded, given away or sold, the disk space must be overwritten to avoid sharing confidential and sensitive data. If it’s not in the way, can’t I just leave it alone? Unused software and user accounts are not like books gathering dust on the coffee table. Each has the potential for allowing an attacker to gain access to the system. With access the attacker can take confidential information such as credit cards and customer names and damage and destroy files and programs. Attackers can also use your systems as a base to attack others, and these victims can sue you if their losses are high. Control of computing access needs to be managed just as carefully as cash since the loss of important information can be as detrimental to a business as the loss of money. If unused accounts belonged to former employees, they can keep current on your business and steal or destroy confidential information by continuing to use their system access. As you upgrade equipment, the data stored on the replaced machinery does not go away. Utilities are available to retrieve deleted files and information from reformatted disks. Getting Started Remove accounts for terminated employees when they leave. When firing someone, remove the computer access before notifying them and arrange for a monitor while they are on premise. Establish a policy that unneeded software not be installed on company computers (i. e. games, free download software, music players, etc. ). Establish a process for removing data on all computers hard drives when equipment is repurposed, discarded, donated, and sold. Use a utility program to remove all information by overwriting all available disk space. Additional Steps Uninstall software that is no longer in use and archive data files that are no longer used. The less clutter on the system the easier it will be to manage backups and keep software on the system at a current update level. While it may be convenient, it is very risky to rely on vendor defaults for your system. Default functions are attractive targets for attackers –the likelihood of availability is high since most installers will choose the default. Reduce your visibility as a target by explicitly selecting only the computer functions you need at installation. If you do not know what a function is, check the help information and make sure it is something you need before turning it on. A little time at the start can save you from major trouble later.
Orthus is a leading professional services firm focused on helping clients globally to cost effectively manage technology risk and secure their environments. Find out more about security for your small business at www. orthus. com
Continue reading A 12 STEP PROGRAM TO SECURING YOUR SMALL-TO-MEDIUM SIZE BUSINESS: STEP 5
This is the second in a series of twelve articles written by Orthus for the non-technical managers at small to medium sized companies who operate smaller networks and may lack a sophisticated in-house information technology department. Step 2 Look Out for E-Mail Attachments and Internet Download Modules Cost: Minimal – No additional investment Technology skill level: Low to medium Participants: Everyone using the electronic facilities WHY? One of the most common methods of transferring computer viruses.
Recently, attackers have become adept at capturing address books and embedding viruses in attachments that appear to come from people you know. Companies should have strict policies about what can and cannot be downloaded or opened on their systems. You share important information via e-mail and attachments allow us to send reports, copies of files, spreadsheets, photos, cartoons, music, etc.
Any task that you can do on your computer, this program can also do. If you delete a file, send e-mail, or add or remove a program, your newly installed program can do this too. And an intruder can do these tasks, unbeknownst to you, through the program you have just installed and run. WHAT HAPPENS IF I’M NOT CAREFUL? E-mail text, e-mail attachments, and download modules are excellent conduits for malicious code.
James Tanner is an analyst at Orthus Limited, a leading professional services business focused on helping organisations globally to cost effectivly manange risk and secure their technical enviornments. If you need any advice or assistance with securing your business, don?t hesitate to contact Orthus Ltd, 1 Lyric Square, London, W6 0NB, England, +44 (0)203 170 8955 or visit www. orthus. com
Continue reading A 12 STEP PROGRAM TO SECURING YOUR SMALL-TO-MEDIUM SIZE BUSINESS: STEP 2
This is the fourth in a series of twelve articles for the non-technical managers at small to medium sized companies who operate smaller networks and may lack a sophisticated in-house information technology department. Step 4 Install and Use a Firewall Cost: Moderate – Software is free but effective tuning takes time Technology skill level: Moderate to High depending on selected approach Participants: Technical support Why do it? A firewall performs much the same job as a security guard at a public building. It examines the messages coming into your system from the Internet as well as the messages you send out. The firewall determines if these messages should continue on to their destination or be stopped. The firewall “guard” can greatly reduce the volume of unwanted and malicious messages allowed into your network, but it takes time and effort to set one up and maintain it. Firewalls can also prevent many forms of undesirable access to your network. The hard part is defining the rules–what is allowed to enter and exit your system. If you let nothing in and nothing out (deny-all firewall strategy), communication with the Internet is effectively disconnected. Since that is not practical for most small businesses, additional work is required. Some firewall products let you easily review each information message (packet) so that you can decide what to do with it. When you are shopping for a firewall, look for this review feature because it can be quite helpful. Practically speaking, it is not easy to decide which traffic is acceptable and which is not. Get technical assistance (see Step 12) to help you identify normal usage for your organization and establish rules to block all other network traffic. Firewalls can also be used to enforce an acceptable use policy by blocking content access to websites considered inappropriate by the business, such as pornography and gambling. What Happens without a Firewall? With nothing in place to check information coming into and out of your network, you are totally reliant on each individual user to Step good e-mail and download habits (see Step 2) to protect the network from viruses and worms. If you are using a high-speed Internet connection such as DSL or cable, you are also dependent on the other subscribers to your service. Without a firewall, potential attackers can quickly scrutinize each available computer on the network to locate vulnerabilities (see Step 
and attack. Getting Started Install an individual firewall on every machine and set it up to block traffic for all services except those specifically used on the machine (see Step 5). Educate your employees as to the value of the firewall so they will help you refine the rules instead of disabling it when a change in the implemented rules is needed. While the firewall rules are being crafted, there will be instances of over-blocking, making the use of some computer services more difficult. Additional Steps Get technical help to establish one or more firewalls for the network based on the configuration. Establish a security policy to be implemented by rules in the firewall that will define what is wanted and unwanted content within the network. Provide a process for adjusting the security policy for approved exceptions. Educate employees as to the value of a centralized solution and establish a mechanism for monitoring and changing the rule over time to meet new needs of the organization.
Orthus are a leading professional services firm focused on helping clients globally to cost effectively manage technology risk and secure their environments. Further information on securing small businesses can be found at www. orthus. com
Continue reading A 12 STEP PROGRAM TO SECURING YOUR SMALL-TO-MEDIUM SIZE BUSINESS: STEP 4