Top 5 Threat Protection Best Practices
Small businesses are especially vulnerable to computer viruses and lost or stolen
data, since they typically lack the IT resources to deal with these threats. Inadequately
protected computers open the door to annoying infections, or worse, serious business
disruption. Below are five simple and effective strategies to help you protect your
business against an ever-increasing number of threats.
1
Install anti-virus software on every
computer, even Macs.
2
Control the use of non-essential applications.
New threats emerge hourly, and can come from
Productivity reasons aside, it pays you to take steps to
anywhere—email, websites and removable media like
reduce or eliminate the use of programs such as peer-to-
USB keys and CDs. Up-to-date anti-virus software is
peer file sharing, instant messaging and games on your
essential for keeping your network safe from both known
computers. These platforms are often web-based or web-
and unknown threats.
enabled, so they consume a lot of your Internet bandwidth.
What’s more, they are increasingly used to spread malware
While it is true that there are far fewer viruses written
and steal confidential information.
for Apple computers, they do exist. But the bigger threat
comes from the fact that these machines can be carriers.
Prevent these programs from being installed by restricting
If your computers are networked, malware can be passed
administrative privileges on your computers. Use an anti-
around easily without your knowledge. Or worse, you
virus program that helps you identify and block potentially
can forward a malicious file to a customer, placing their
dangerous or unwanted applications.
network at risk.
Make sure every computer you have is running with a
fully patched operating system, and is protected with upto-date anti-virus software.
1
Top 5 Threat Protection Best Practices
3
Restrict the use of removable media.
To ensure that your data is safe, it should be encrypted before
being sent out via email or saved on removable storage
devices. This should happen automatically so you don’t even
USB keys, CDs, and DVDs can contain unauthorized software
have to think about it.
that puts your network at risk. Malware like the Conficker
5
worm is becoming a major issue as it can be spread via these
devices. Sensitive data can also be copied onto these devices
Control outbound as well as inbound
content.
and shared with outsiders, while many recent high-profile
incidents confirm how easily they can be lost.
Most firewalls are set up to block incoming traffic, but
offer little or no help with outbound data. Hackers know
Since you cannot reasonably eliminate these devices entirely,
this, and are forever devising new ways of accessing
disable their ability to run automatically when plugged in,
information on your computers. Once inside, they take
or consider restricting where they are used. If your business
advantage of unrestricted communication ports to spread
depends on removable media, scan them regularly for
more malware or steal confidential data.
malware and sensitive data.
4
Encrypt sensitive data in use, at rest,
and in motion.
Use a computer firewall that lets you easily and effectively
control how your computer connects to the outside world.
For example, certain ports on your computers should only
If you regularly use confidential or sensitive data in your
be used for inbound traffic. This will help prevent hackers
business – Legal, Financial, Healthcare, etc. – encryption is
from taking over your machines for malicious use.
the most reliable means of protection. Once a hacker bypasses
your anti-virus, firewall or other controls, your information
If you depend on computers to run your small business,
is vulnerable. Encrypted data is unreadable, and poses no
then you can’t afford any disruption from a virus infection
threat should it fall into the wrong hands. Properly deployed
or data loss incident. Fortunately, there are simple and
encryption also provides a “safe harbor” from penalties related
effective solutions available that don’t require a lot of
to data loss disclosure regulations.
effort or attention. Contact Sophos today to learn how to
protect your small business from the expense and hassle
of compromised computer networks.
To learn more about Sophos and to evaluate any
of our products free for 30 days, please visit us at
www.sophos.com
Boston, USA | Oxford, UK
© Copyright 2010. Sophos. All rights reserved.
All trademarks are the property of their respective owners.
2