Securing Your Technology Infrastructure Five security areas of focus for small to medium businesses.

Size: px
Start display at page:

Download "Securing Your Technology Infrastructure Five security areas of focus for small to medium businesses."

Transcription

1 Securing Your Technology Infrastructure Five security areas of focus for small to medium businesses. Anthony Suda Network Manager marketing + technology sundog fax: th st s floor 6 fargo, nd

2 Small and medium businesses today have data and equipment that needs to be protected from the dangers of real-life disasters and virtual threats from cyberspace. A business can go from booming to bankrupt overnight if it does not have at least a basic layer of protection. Having a plan of action and different lines of defense against attacks can save a company significant time and money. This white paper will define five of the key areas where small and medium businesses should focus on security, and give solutions in each area. Area 1: Workstations Whether they are laptops, desktops, or even netbooks, workstations are the most frequently used devices a company has. In most cases, these devices access anything and everything cyberspace has to offer; whether it be on the internet or talking to each other in your local network. This makes workstations our first stop on our security tour. Antivirus Software If you are reading this, chances are you already know about computer viruses. They lie hidden in websites and are transferred by the thousands daily via . Once a virus installs itself onto a workstation, it can, depending on how it was written, quickly infect an entire network and possibly raise havoc by causing computer glitches, or even data loss. One solution is to put something in place to stop a virus from doing its foul deeds or prevent it from installing itself in the first place. Antivirus software has been around since the late 1980 s, according to Kaspersky Lab. Today we have hundreds of options to choose from. Businesses have the option of using software that is completely independent from one workstation to the next, usually labeled as stand-alone, or a managed solution that resides on a central server and then smaller software packages, usually referred to as clients, are installed on the workstations and report back to the central server. The stand-alone option would be recommended for smaller businesses with only a few workstations to worry about. The client-server model makes sense if a business needs to monitor a large number of machines. The client-server model also is recommended if you have a Network Administrator or anyone who happens to be the IT guru for your business, as it will help them more easily manage their time and resources. The stand-alone versions of antivirus software are typically less expensive than client-server versions. However, one reaches a point of diminishing returns when buying the stand-alone version. For example, if your business has fifty workstations that all need to be protected and the cost of stand-alone antivirus software is $40, you have a $2,000 investment which does not include the cost of personnel to install the software on each machine manually. A client-server option may cost only $1,500 or less with client licenses. If all of your workstations are connected to the local server, an employee just has to select the workstations on the network from the server and choose install this feature is also very handy for updating the software and for tracking down infected machines. Anti-spyware/malware Software The terms virus and spyware/malware are used interchangeably, but technically they are different even though the results can be the same: gathering private information like website history or contact and credit card information, and the annoyance of slowing down a machine. Spyware/malware usually does not replicate itself over your network, and is usually installed inadvertently by the user when they install some other program. Some free programs that exist online have a catch like this built into them so that when a person doesn t read the fine print and installs it, the spyware/malware software is also installed. (Fraser, n.d.; Rubenking, 2008). Spyware/ malware can also be installed by just visiting some lessreputable sites that ask you to download and install a special plug-in in order to view the site correctly. 2

3 The options for protecting workstations from spyware/ malware are similar to antivirus software. There are stand-alone and client-server options. The difference is that client-server versions have not been as popular. The best known and most effective spyware/malware programs out there usually have corporate editions of their software that a company can buy to manage and scan their networked workstations for spyware and remove it, just like the client-server antivirus software. Most of the time, these options are overlooked, especially since business or corporate editions of software have higher prices particularly when compared to the standalone versions which are usually free for personal use (note: personal use does not mean business use). Some software companies have combined antivirus and anti-spyware/malware software into suites so that your solution can come in one package. Some software solutions do this well, others do not. It seems that some of these suite packages still can t catch everything so research on the available solutions that will work best for your business is needed. Area 2: Firewalls A firewall is usually defined as a combination of hardware and/or software that limits the exposure of a computer or computer network to attack (Princeton University, 2006). Chances are, if you have more than one computer connected to the internet, you are running at least a basic firewall already. Most network routers, by default, act as a simple firewall that block incoming attacks to the computers that sit behind them. They prevent direct access to workstations and servers by only allowing certain types of communication to pass through. As indicated by the definition, there are a couple of different types of firewalls and there are also different locations for firewalls. There are hardware and software firewalls, in addition to network and computer firewalls. Hardware firewalls are usually installed to protect networks while software firewalls are installed on computers, whether they are workstations, laptops, netbooks or servers. Most of the time, software firewalls on workstations behind your business firewall are seen as redundant and unnecessary even troublesome, as they can interfere with those workstations talking to each other or talking to your own servers. However, software firewalls on laptops or netbooks that will be moving from inside the protected corporate network out into the unprotected world of coffee shops and other public access points, are seen as a good idea. Most Microsoft Windows (versions XP and higher) and Mac OS X users have a standard firewall built into the operating system that can do a good job at protecting the system. Protecting your entire business network with a firewall will help keep predators out and can also serve to keep people on your network from sending some types of information out or getting access to undesirable content. Simple routers can act as firewalls as stated before, however they can eventually be cracked and can only handle a small load of traffic going through them. If you have a lot of machines on your network, or are hosting your own website or other service to the world, you will need a heftier appliance. That hefty size can come at a price, but it s certainly less costly than a successful attack on your network and/or legal fees that result from an attack or unauthorized access. 3

4 Area 3: Client/External access So now you have a firewall protecting your network. But say you want to give employees the ability to work from home, or to allow certain clients to share files or access to servers easily between your businesses. Opening up your entire network so that only a handful of people or a few other businesses can access one or two servers is equivalent to leaving the front door of your house open because your Aunt Mary is going to drop off a pie for you while you are at work. It is just asking for trouble. So what do you do? You give your aunt a key to get in. In the network world, that key can mean a few different things, but we are going to focus on only one; Virtual Private Networking, or a VPN. Basically, a VPN is a secured path or tunnel from one machine or one network to another. No one else can use the tunnel unless they have the correct keys/authentication to do so. When a computer is connected to a VPN tunnel, the machine can act as if it is plugged directly into the network just like the rest of the computers in that network. Restrictions can also be applied to the VPN tunnel so that anyone connected via VPN can only access server A, for example. Some of the higher-end firewalls/routers on the market come with some standard VPN capability. Another option is using one of your servers as a Remote Access Server, or RAS, and then opening up the firewall to allow authentication traffic to that RAS server, which would in turn create the tunnel. If you decide your company would benefit from having this access, look to see if your current firewall/router already supports this feature. If it does, the setup may be fairly straight-forward. Otherwise, you can see if you can setup one of your servers to also handle RAS. If you have a budget for new hardware, I would recommend going with a firewall/router upgrade before buying a new server. In my experience, it is more reliable connecting to your main internet connection than having to go through that and connect to a server to get access. Area 4: Wireless Security In today s mobile world, wireless networks are everywhere, and a lot of them are wide open. This not only allows for easy connectivity, and free internet access to any passerby, but also opens all of the other computers on that same network to anyone who connects. It is no different than a person coming off the street and plugging onto your network with a cable. The solution is quite simple, but it is often overlooked for the sake of convenience: secure your wireless network. There are a few different options when doing this, but any security is better than none. The two most popular are Wired Equivalent Privacy, or WEP and Wi-Fi Protected Access, or WPA. The main difference the normal user would notice between the two is that WEP keys are random hexadecimal sequences, like 431aB2C71f, whereas the WPA passphrase can be a hex value or also a combination of numbers/words people might actually be able to remember, like 320YellowGiraffe7. Because it is fairly easy to hack, WEP is now a depreciated standard and it is recommended to go with the more-secure WPA or WPA2 security on your wireless networks (Borisov, Goldberg, & Wagner, 2001, p. 2, 9; Geier, 2002). Notice, in the examples above, the keys are pretty random, even if a passphrase is being used. Having a wireless network key of or wirelesskey doesn t make the network much more secure than having it wide open. The simplest way to go about securing one s wireless network is to run the software or read the manual for the wireless access point before plugging it in and going for it. Most access points out there today come with very easy to use software for setting up a network with security. This process will also take a person through changing the defaults of the device so that a person who might have purchased and setup the same type of hardware cannot just use the default username and password to get into your device and change everything. 4

5 Area 5: Data Integrity So far, we have been focusing on attacks from the outside world. However, there is another area of security that also should be considered: data security. This definition of security is not really about keeping bad guys out, but about having a system in place in case of a natural disaster or hardware failure. As we have touched on before, a business has two differing sets of computers: servers and workstations. The trend has been that servers are where files are stored in order to be shared with workstations across the network. More and more businesses are turning to cloud-based solutions that share files securely over the internet so they are accessible from anywhere and one does not need to worry about backing up a local server because of those files. Servers perform important roles in the network and, without certain servers, the network will not even function correctly. These servers store everyone s user account information and passwords, or hand out addresses for workstations on the network, or direct traffic on the network or any and all combinations of these and other features. These servers should be on the top of the list for having some data backup plan so they can be recovered quickly and efficiently. Some businesses have a dedicated backup server that all other servers backup to. Another option is to have external hard drives that each server backs up to independently. Another layer of protection is to move successful backups off-site on a schedule so that if the worst should happen, like a fire, a business has a recent copy of its data at a safe location. Workstation backups are the second area of focus. If an employee s hard drive fails and it has important documents on it, the results can obviously be troublesome for that employee, but also for the company as a whole. For example, those files could be about business operations or about an important sale. Again, one could backup every machine to the backup server or have external hard drives for every machine. Depending on the number of servers and workstations a company has, data backup in itself can wind up being a full-time job, especially if it is done on a machine-bymachine basis. Just like with the antivirus and antispyware software, there are options for centralizing backup control to one server so that managing everything is a bit easier and automated. Even if every machine has its own dedicated external hard drive for backups, having client software on every machine that can be controlled from a central server can save everyone time and headaches. This way, the person in charge of backups does not have to interrupt everyone at random times to install/fix/upgrade their backup solution and users don t have to learn how to use or keep track of new software. 5

6 Summary So to sum up, here are the suggestions in each area: Area 1: Workstations - Get stand-alone or client-server antivirus and anti-spyware/malware software for all workstations (and servers) in your company. Area 2: Firewalls - Make sure your company has at least a basic firewall protecting all your machines whether it be a software or hardware solution. Area 3: Client/External Access - If needed, setup VPN access through your firewall/router. If you need to purchase a solution, research firewalls/routers that have built-in VPN configurations. Area 4: Wireless Security - Encrypt your wireless networks so they require a security key to connect. If possible, chose WPA or WPA2 over WEP encryption. Area 5: Data Integrity - Research storage and software solutions for backing up data on servers and workstations, and also have an off-site data rotation plan in case of fire or other large catastrophe. Resources that might help with decision making in each area: Area 1 About.com: Top Windows Antivirus - about.com/od/antivirussoftwarereviews/tp/aatpavwin.htm PC World: Top Antivirus Software - com/article/124475/top_antivirus_software.html Area 2 Consumer Search: Firewalls - search.com/firewalls/best-pc-firewalls Experts Exchange: Networking Hardware Firewalls - Area 3 ZDNet: Virtual Privacy - reviews/hardware/peripherals/soa/virtual-privacy-8-vpnappliances-tested/0, , ,00.htm Area 4 Wi-Fi Planet: WPA-PSK Step-by-Step - Area 5 PC Mag: Backup - Reviews and Price Comparisons - There are certainly more than five areas of focus that businesses should keep in mind. However, it is in this author s opinion that these five should be among the first to consider and implement solutions for. The specific solution that will work best for your company in each area can, and probably will be completely different from every other company, even those that are the same size and are in your same business sector. Nevertheless, it is great to get ideas and strategies from other companies and experts and then pick and choose what you see as best for your own business. Just because you plan a specific path for your business, it does not mean the plan can t change down the road; in fact, one should expect changes to happen as your business grows and changes over time. The same solution that works today in one area may be too small to handle, or too bulky to manage in the future. Take your time, investigate, plan, experiment. The time spent is worth it, especially when compared to the alternative of not having a secure IT infrastructure. 6

7 References Borisov, N., Goldberg, I. & Wagner, D. (2001). Intercepting Mobile Communications: The Insecurity of , 9. Retrieved June 4, 2009 from Fraser, D. (n.d.). Virus Or Spyware - What s The Difference? Retrieved June 1, 2009 from Network Liquidators: Geier, J. (2002) WEP: Concepts and Vulnerability Retrieved June 8, 2009 from Wi-Fi Planet: Kaspersky Lab. (n.d.). Viruslist.com Retrieved May 29, 2009 from Viruslist.com: Princeton University. (2006). Wordnet Search: Firewall Retrieved June 1, 2009 from Wordnet: Rubenking, N. J. (2008). Nine Ways To Wipe Out Spyware Retrieved May 15, 2009 from PC Magazine: 7

LAW OFFICE SECURITY for Small Firms and Sole Practitioners. Prepared by Andrew Mason, Scott Phelps & Mason, Saskatoon Saskatchewan

LAW OFFICE SECURITY for Small Firms and Sole Practitioners. Prepared by Andrew Mason, Scott Phelps & Mason, Saskatoon Saskatchewan LAW OFFICE SECURITY for Small Firms and Sole Practitioners Prepared by Andrew Mason, Scott Phelps & Mason, Saskatoon Saskatchewan 1. Introduction CONTENTS 2. Security Consciousness Having a Firm Security

More information

Basic Computer Security Part 2

Basic Computer Security Part 2 Basic Computer Security Part 2 Presenter David Schaefer, MBA OCC Manager of Desktop Support Adjunct Security Instructor: Walsh College, Oakland Community College, Lawrence Technology University Welcome

More information

Stable and Secure Network Infrastructure Benchmarks

Stable and Secure Network Infrastructure Benchmarks Last updated: March 4, 2014 Stable and Secure Network Infrastructure Benchmarks 501 Commons has developed a list of key benchmarks for maintaining a stable and secure IT Infrastructure for conducting day-to-day

More information

9 Simple steps to secure your Wi-Fi Network.

9 Simple steps to secure your Wi-Fi Network. 9 Simple steps to secure your Wi-Fi Network. Step 1: Change the Default Password of Modem / Router After opening modem page click on management - access control password. Select username, confirm old password

More information

Online Banking Fraud Prevention Recommendations and Best Practices

Online Banking Fraud Prevention Recommendations and Best Practices Online Banking Fraud Prevention Recommendations and Best Practices This document provides you with fraud prevention best practices that every employee at Continental National Bank of Miami needs to know

More information

Mapping Your Path to the Cloud. A Guide to Getting your Dental Practice Set to Transition to Cloud-Based Practice Management Software.

Mapping Your Path to the Cloud. A Guide to Getting your Dental Practice Set to Transition to Cloud-Based Practice Management Software. Mapping Your Path to the Cloud A Guide to Getting your Dental Practice Set to Transition to Cloud-Based Practice Management Software. Table of Contents Why the Cloud? Mapping Your Path to the Cloud...4

More information

Essentials of PC Security: Central Library Tech Center Evansville Vanderburgh Public Library

Essentials of PC Security: Central Library Tech Center Evansville Vanderburgh Public Library Essentials of PC Security: Central Library Tech Center Evansville Vanderburgh Public Library Why should you be concerned? There are over 1 million known computer viruses. An unprotected computer on the

More information

Securing Your Wireless Network

Securing Your Wireless Network Choosing A Wireless Router You might already have a wireless router provided to you by your Internet Service Provider. Otherwise, if you are intending to get one or decide to upgrade your old router, look

More information

Computer Security Maintenance Information and Self-Check Activities

Computer Security Maintenance Information and Self-Check Activities Computer Security Maintenance Information and Self-Check Activities Overview Unlike what many people think, computers are not designed to be maintenance free. Just like cars they need routine maintenance.

More information

Reliance Bank Fraud Prevention Best Practices

Reliance Bank Fraud Prevention Best Practices Reliance Bank Fraud Prevention Best Practices May 2013 User ID and Password Guidelines Create a strong password with at least 8 characters that includes a combination of mixed case letters and numbers.

More information

NCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15.

NCS 330. Information Assurance Policies, Ethics and Disaster Recovery. NYC University Polices and Standards 4/15/15. NCS 330 Information Assurance Policies, Ethics and Disaster Recovery NYC University Polices and Standards 4/15/15 Jess Yanarella Table of Contents: Introduction: Part One: Risk Analysis Threats Vulnerabilities

More information

5 DEADLY MISTAKES THAT BUSINESS OWNERS MAKE WITH THEIR COMPUTER NETWORKS AND HOW TO PROTECT YOUR BUSINESS

5 DEADLY MISTAKES THAT BUSINESS OWNERS MAKE WITH THEIR COMPUTER NETWORKS AND HOW TO PROTECT YOUR BUSINESS 5 DEADLY MISTAKES THAT BUSINESS OWNERS MAKE WITH THEIR COMPUTER NETWORKS AND HOW TO PROTECT YOUR BUSINESS 1 Introduction As small and mid-sized companies rely more heavily on their computer networks to

More information

Business ebanking Fraud Prevention Best Practices

Business ebanking Fraud Prevention Best Practices Business ebanking Fraud Prevention Best Practices User ID and Password Guidelines Create a strong password with at least 8 characters that includes a combination of mixed case letters, numbers, and special

More information

Cyber Security: Beginners Guide to Firewalls

Cyber Security: Beginners Guide to Firewalls Cyber Security: Beginners Guide to Firewalls A Non-Technical Guide Essential for Business Managers Office Managers Operations Managers This appendix is a supplement to the Cyber Security: Getting Started

More information

Why is a strong password important?

Why is a strong password important? Internet Security Why is a strong password important? Identity theft motives: To gain access to resources For the challenge/fun Personal reasons Theft methods Brute forcing and other script hacking methods

More information

References NYS Office of Cyber Security and Critical Infrastructure Coordination Best Practices and Assessment Tools for the Household

References NYS Office of Cyber Security and Critical Infrastructure Coordination Best Practices and Assessment Tools for the Household This appendix is a supplement to the Cyber Security: Getting Started Guide, a non-technical reference essential for business managers, office managers, and operations managers. This appendix is one of

More information

Internet Quick Start Guide. Get the most out of your Midco internet service with these handy instructions.

Internet Quick Start Guide. Get the most out of your Midco internet service with these handy instructions. Internet Quick Start Guide Get the most out of your Midco internet service with these handy instructions. 1 Contents Internet Security................................................................ 4

More information

Preparing Your Personal Computer to Connect to the VPN

Preparing Your Personal Computer to Connect to the VPN Preparing Your Personal Computer to Connect to the VPN (Protecting Your Personal Computer Running Windows) Using the VPN to connect your computer to the campus network is the same as bringing your computer

More information

Computer Viruses: How to Avoid Infection

Computer Viruses: How to Avoid Infection Viruses From viruses to worms to Trojan Horses, the catchall term virus describes a threat that's been around almost as long as computers. These rogue programs exist for the simple reason to cause you

More information

Cyber Security Beginners Guide to Firewalls A Non-Technical Guide

Cyber Security Beginners Guide to Firewalls A Non-Technical Guide Cyber Security Beginners Guide to Firewalls A Non-Technical Guide Essential for Business Managers Office Managers Operations Managers Multi-State Information Sharing and Analysis Center (MS-ISAC) U.S.

More information

Configuring Wireless Security on ProSafe wireless routers (WEP/WPA/Access list)

Configuring Wireless Security on ProSafe wireless routers (WEP/WPA/Access list) Configuring Wireless Security on ProSafe wireless routers (WEP/WPA/Access list) Hackers can easily trap information transmitted over wireless network, it has to be encrypted to avoid unauthorized users

More information

AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS. ftrsecure.com

AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS. ftrsecure.com AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS ftrsecure.com Can You Separate Myths From Facts? Many Internet myths still persist that could leave you vulnerable to internet crimes. Check out

More information

GETTING STARTED WITH A COMPUTER SYSTEM FACTSHEET

GETTING STARTED WITH A COMPUTER SYSTEM FACTSHEET FACTSHEET When setting up a small business there can be many areas of uncertainty, but getting your IT or computer systems right and connected does not need to be one of them. If your company is either

More information

SonicWALL Makes Wireless Networking Secure

SonicWALL Makes Wireless Networking Secure SonicWALL Makes Wireless Networking Secure Defines the Challenges Facing Organizations Interested in Deploying Wireless Network Security CONTENTS Abstract 1 The Demand for Wireless 1 IT Concerns No Small

More information

Part 14: USB Port Security 2015

Part 14: USB Port Security 2015 Part 14: USB Port Security This article is part of an information series provided by the American Institute of Healthcare Compliance in response to questions we receive related to Meaningful Use and CEHRT

More information

Frequently Asked Questions

Frequently Asked Questions Frequently Asked Questions 1) What does SkyBest Internet Guardian do? Prevents e-mail and image spam from reaching your inbox Halts access to dangerous Web pages Stops Web sites from installing dangerous

More information

THE 123 OF WIRELESS SECURITY AT HOME 家 居 WIFI 保 安 123

THE 123 OF WIRELESS SECURITY AT HOME 家 居 WIFI 保 安 123 THE 123 OF WIRELESS SECURITY AT HOME 家 居 WIFI 保 安 123 CONFIGURING YOUR HOME WIRELESS NETWORK Presented by: Mr. Eric Fan, Chairman, PISA Knowledge 123 Firmware 軟 韌 體 Knowledge 123 Home Network Functions

More information

MN-700 Base Station Configuration Guide

MN-700 Base Station Configuration Guide MN-700 Base Station Configuration Guide Contents pen the Base Station Management Tool...3 Log ff the Base Station Management Tool...3 Navigate the Base Station Management Tool...4 Current Base Station

More information

Chapter 3 Safeguarding Your Network

Chapter 3 Safeguarding Your Network Chapter 3 Safeguarding Your Network The RangeMax NEXT Wireless Router WNR834B provides highly effective security features which are covered in detail in this chapter. This chapter includes: Choosing Appropriate

More information

Business Internet Banking / Cash Management Fraud Prevention Best Practices

Business Internet Banking / Cash Management Fraud Prevention Best Practices Business Internet Banking / Cash Management Fraud Prevention Best Practices This document provides fraud prevention best practices that can be used as a training tool to educate new Users within your organization

More information

How to Use Windows Firewall With User Account Control (UAC)

How to Use Windows Firewall With User Account Control (UAC) Keeping Windows 8.1 safe and secure 14 IN THIS CHAPTER, YOU WILL LEARN HOW TO Work with the User Account Control. Use Windows Firewall. Use Windows Defender. Enhance the security of your passwords. Security

More information

Frequently Asked Questions

Frequently Asked Questions FAQs Frequently Asked Questions Connecting your Linksys router to the Internet 1 What computer operating systems does my Linksys router support? 1 Why can t I connect my computer or device to my router?

More information

10 Quick Tips to Mobile Security

10 Quick Tips to Mobile Security 10 Quick Tips to Mobile Security 10 Quick Tips to Mobile Security contents 03 Introduction 05 Mobile Threats and Consequences 06 Important Mobile Statistics 07 Top 10 Mobile Safety Tips 19 Resources 22

More information

InterPath Financial Institution: Network Security Implementation. By Allan Feid

InterPath Financial Institution: Network Security Implementation. By Allan Feid InterPath Financial Institution: Network Security Implementation By Allan Feid 4/30/2008 Table of Contents InterPath Financial Institution: Network Security Implementation...1 Executive Summary...3 The

More information

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management SECURING YOUR SMALL BUSINESS Principles of information security and risk management The challenge Information is one of the most valuable assets of any organization public or private, large or small and

More information

Small Business IT Basic Security Guide:

Small Business IT Basic Security Guide: Small Business IT Basic Security Guide: 20 Common-Sense Steps to Protect Your Network, Your Data, and Your Business Created by John Coleman Managing Director + Principal, 1123IT Version 1.1 (Fall 2014)

More information

Please note that in VISA s vernacular this security program for merchants is sometimes called CISP (cardholder information security program).

Please note that in VISA s vernacular this security program for merchants is sometimes called CISP (cardholder information security program). Introduction This document serves as a guide for TCS Retail users who are credit card merchants. It is written to help them become compliant with the PCI (payment card industry) security requirements.

More information

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines

Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines Secure and Safe Computing Primer Examples of Desktop and Laptop standards and guidelines 1. Implement anti-virus software An anti-virus program is necessary to protect your computer from malicious programs,

More information

VPN Lesson 2: VPN Implementation. Summary

VPN Lesson 2: VPN Implementation. Summary VPN Lesson 2: VPN Implementation Summary 1 Notations VPN client (ok) Firewall Router VPN firewall VPN router VPN server VPN concentrator 2 Basic Questions 1. VPN implementation options for remote users

More information

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong

VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY AUTHOR: Raúl Siles Founder and Security Analyst at Taddong Hello and welcome to Intypedia. Today we will talk about the exciting world of security

More information

On-Site Computer Solutions values these technologies as part of an overall security plan:

On-Site Computer Solutions values these technologies as part of an overall security plan: Network Security Best Practices On-Site Computer Solutions Brian McMurtry Version 1.2 Revised June 23, 2008 In a business world where data privacy, integrity, and security are paramount, the small and

More information

Data Backup Options for SME s

Data Backup Options for SME s Data Backup Options for SME s As an IT Solutions company, Alchemy are often asked what is the best backup solution? The answer has changed over the years and depends a lot on your situation. We recognize

More information

Potential Security Vulnerabilities of a Wireless Network. Implementation in a Military Healthcare Environment. Jason Meyer. East Carolina University

Potential Security Vulnerabilities of a Wireless Network. Implementation in a Military Healthcare Environment. Jason Meyer. East Carolina University Potential Security Vulnerabilities of a Wireless Network Implementation in a Military Healthcare Environment Jason Meyer East Carolina University Abstract This paper will look into the regulations governing

More information

High Speed Internet - User Guide. Welcome to. your world.

High Speed Internet - User Guide. Welcome to. your world. High Speed Internet - User Guide Welcome to your world. 1 Welcome to your world :) Thank you for choosing Cogeco High Speed Internet. Welcome to your new High Speed Internet service. When it comes to a

More information

10 steps to better secure your Mac laptop from physical data theft

10 steps to better secure your Mac laptop from physical data theft 10 steps to better secure your Mac laptop from physical data theft Executive summary: This paper describes changes Mac users can make to improve the physical security of their laptops, discussing the context

More information

Compulink Advantage Cloud sm Software Installation, Configuration, and Performance Guide for Windows

Compulink Advantage Cloud sm Software Installation, Configuration, and Performance Guide for Windows Compulink Advantage Cloud sm Software Installation, Configuration, and Performance Guide for Windows Compulink Business Systems, Inc. 2645 Townsgate Road, Suite 200 Westlake Village, CA 91361 2013 Compulink

More information

CNA NetProtect Essential SM. 1. Do you implement virus controls and filtering on all systems? Background:

CNA NetProtect Essential SM. 1. Do you implement virus controls and filtering on all systems? Background: 1. Do you implement virus controls and filtering on all systems? Anti-Virus anti-virus software packages look for patterns in files or memory that indicate the possible presence of a known virus. Anti-virus

More information

N-CAP Users Guide Everything You Need to Know About Using the Internet! How Firewalls Work

N-CAP Users Guide Everything You Need to Know About Using the Internet! How Firewalls Work N-CAP Users Guide Everything You Need to Know About Using the Internet! How Firewalls Work How Firewalls Work By: Jeff Tyson If you have been using the internet for any length of time, and especially if

More information

Firewalls for the Home & Small Business. Gordon Giles DTEC 6810. Professor: Dr. Tijjani Mohammed

Firewalls for the Home & Small Business. Gordon Giles DTEC 6810. Professor: Dr. Tijjani Mohammed 1 Firewalls for the Home & Small Business Gordon Giles DTEC 6810 Professor: Dr. Tijjani Mohammed 2 Abstract A firewall can be in the form of hardware, software or a combination of the two. It is basically

More information

Healthcare IT Compliance Service. Services > Overview MaaS360 Healthcare IT Compliance Service

Healthcare IT Compliance Service. Services > Overview MaaS360 Healthcare IT Compliance Service Services > Overview MaaS360 Ensure Technical Safeguards for EPHI are Working Monitor firewalls, anti-virus packages, data encryption solutions, VPN clients and other security applications to ensure that

More information

What Do You Mean My Cloud Data Isn t Secure?

What Do You Mean My Cloud Data Isn t Secure? Kaseya White Paper What Do You Mean My Cloud Data Isn t Secure? Understanding Your Level of Data Protection www.kaseya.com As today s businesses transition more critical applications to the cloud, there

More information

Prepared For: Sample Customer Prepared by: Matt Klaus, GFI Digital Inc.

Prepared For: Sample Customer Prepared by: Matt Klaus, GFI Digital Inc. Agreement for IT Assessment Assessment Recommendation Statement of Work Onboarding Prepared For: Sample Customer Prepared by: Matt Klaus, GFI Digital Inc. TABLE OF CONTENTS INTRODUCTION 3 UNDERSTANDING

More information

What You Should Know About Cloud- Based Data Backup

What You Should Know About Cloud- Based Data Backup What You Should Know About Cloud- Based Data Backup An Executive s Guide to Data Backup and Disaster Recovery Matt Zeman 3Fold IT, LLC PO Box #1350 Grafton, WI 53024 Telephone: (844) 3Fold IT Email: Matt@3FoldIT.com

More information

5 IT Hacks To Reduce IT Support Tickets

5 IT Hacks To Reduce IT Support Tickets 5 IT Hacks To Reduce IT Support Tickets Simple steps to reduce your dollar spend to keep your systems up and running. Gartner reports that a well managed computer can be 42% less epensive than an unmanaged

More information

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Risks to Health Information Risks vary based on the mobile device and its use. Some risks include:

More information

8 Steps for Network Security Protection

8 Steps for Network Security Protection 8 Steps for Network Security Protection cognoscape.com 8 Steps for Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because

More information

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4.

nwstor Storage Security Solution 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. CONTENTS 1. Executive Summary 2. Need for Data Security 3. Solution: nwstor isav Storage Security Appliances 4. Conclusion 1. EXECUTIVE SUMMARY The advantages of networked data storage technologies such

More information

Firewall and UTM Solutions Guide

Firewall and UTM Solutions Guide Firewall and UTM Solutions Guide Telephone: 0845 230 2940 e-mail: info@lsasystems.com Web: www.lsasystems.com Why do I need a Firewall? You re not the Government, Microsoft or the BBC, so why would hackers

More information

INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG ITMC TECH TIP ROB COONCE, MARCH 2008

INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG ITMC TECH TIP ROB COONCE, MARCH 2008 INFORMATION TECHNOLOGY MANAGEMENT COMMITTEE LIVINGSTON, NJ WWW.LIVINGSTONNJ.ORG What is wireless technology? ITMC TECH TIP ROB COONCE, MARCH 2008 In our world today, this may mean sitting down at a coffee

More information

8 Steps For Network Security Protection

8 Steps For Network Security Protection 8 Steps For Network Security Protection 8 Steps For Network Security Protection Many small and medium sized businesses make the mistake of thinking they won t be the target of hackers because of their

More information

Footprinting and Reconnaissance Tools

Footprinting and Reconnaissance Tools Footprinting and Reconnaissance Tools Topic 1: Common Port Scanning Techniques Do some research on computer ports that are most often scanned by hackers. Identify a port scanning exploit that is interesting

More information

Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)?

Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)? SaaS vs. COTS Why SaaS (Software as a Service) and not COTS (Commercial Off The Shelf software)? Unlike COTS solutions, SIMCO s CERDAAC is software that is offered as a service (SaaS). This offers several

More information

White Paper - Crypto Virus. A guide to protecting your IT

White Paper - Crypto Virus. A guide to protecting your IT White Paper - Crypto Virus A guide to protecting your IT Contents What is Crypto Virus?... 3 How to protect yourself from Crypto Virus?... 3 Antivirus or Managed Agents... 3 Enhanced Email Services & Extra

More information

Data Loss Prevention in the Enterprise

Data Loss Prevention in the Enterprise Data Loss Prevention in the Enterprise ISYM 525 Information Security Final Paper Written by Keneth R. Rhodes 12-01-09 In today s world data loss happens multiple times a day. Statistics show that there

More information

Appalachian Regional Commission Evaluation Report. Table of Contents. Results of Evaluation... 1. Areas for Improvement... 2

Appalachian Regional Commission Evaluation Report. Table of Contents. Results of Evaluation... 1. Areas for Improvement... 2 Report No. 13-35 September 27, 2013 Appalachian Regional Commission Table of Contents Results of Evaluation... 1 Areas for Improvement... 2 Area for Improvement 1: The agency should implement ongoing scanning

More information

Finally, An Easy Way To Never Have To Deal with Computer Problems Again!

Finally, An Easy Way To Never Have To Deal with Computer Problems Again! Finally, An Easy Way To Never Have To Deal with Computer Problems Again! Finally, An Easy Way To Keep Your Computers Running Faster, Cleaner, And Problem Free Without The Expense Of A Full-Time IT Staff

More information

Open an attachment and bring down your network?

Open an attachment and bring down your network? Open an attachment and bring down your network? Many people think this will never happen to them, but virus attacks can come from unlikely sources and can strike when you least expect it. They can wreak

More information

INFORMATION TECHNOLOGY. Revised May 07. Home Networking Guide

INFORMATION TECHNOLOGY. Revised May 07. Home Networking Guide INFORMATION TECHNOLOGY Revised May 07 Home Networking Guide Contents Introduction... 3 Intent... 3 Disclaimer... 3 Rexnord Support limitations... 3 Remotely Connecting to the Rexnord Data Network... 3

More information

This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit.

This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit. The hidden risks of mobile applications This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit. To learn more about TraceSecurity visit www.tracesecurity.com

More information

Backing up Data. You have lots of different options for backing up data, different methods offer different protection.

Backing up Data. You have lots of different options for backing up data, different methods offer different protection. Backing up Data Why Should I Backup My Data? In these modern days more and more is saved on to your computer. Sometimes its important work you can't afford to lose, it could also be music, photos, videos

More information

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Risks to to Health Mobile Information Devices: Risks to Health Information Risks vary based on the

More information

When you listen to the news, you hear about many different forms of computer infection(s). The most common are:

When you listen to the news, you hear about many different forms of computer infection(s). The most common are: Access to information and entertainment, credit and financial services, products from every corner of the world even to your work is greater than ever. Thanks to the Internet, you can conduct your banking,

More information

How To Protect Your Data From Being Hacked

How To Protect Your Data From Being Hacked Data Security and the Cloud TABLE OF CONTENTS DATA SECURITY AND THE CLOUD EXECUTIVE SUMMARY PAGE 3 CHAPTER 1 CHAPTER 2 CHAPTER 3 CHAPTER 4 CHAPTER 5 PAGE 4 PAGE 5 PAGE 6 PAGE 8 PAGE 9 DATA SECURITY: HOW

More information

SCADA and Security Are they Mutually Exclusive? Terry M. Draper, PE, PMP

SCADA and Security Are they Mutually Exclusive? Terry M. Draper, PE, PMP SCADA and Security Are they Mutually Exclusive? Terry M. Draper, PE, PMP Today s Topics SCADA Overview SCADA System vs. IT Systems Risk Factors Threats Potential Vulnerabilities Specific Considerations

More information

General Questions... 1. Requesting Access... 2. Client Support... 3. Downloading Issues... 4. Installation Issues... 4. Connectivity Issues...

General Questions... 1. Requesting Access... 2. Client Support... 3. Downloading Issues... 4. Installation Issues... 4. Connectivity Issues... Contents General Questions... 1 Requesting Access... 2 Client Support... 3 Downloading Issues... 4 Installation Issues... 4 Connectivity Issues... 5 Performance Issues... 7 Application Issues... 8 General

More information

Brazosport College VPN Connection Installation and Setup Instructions. Draft 2 March 24, 2005

Brazosport College VPN Connection Installation and Setup Instructions. Draft 2 March 24, 2005 Brazosport College VPN Connection Installation and Setup Instructions Draft 2 March 24, 2005 Introduction This is an initial draft of these instructions. These instructions have been tested by the IT department

More information

Cyber Security Education & Awareness. Guide for User s

Cyber Security Education & Awareness. Guide for User s Cyber Security Education & Awareness Guide for User s Release Q1 2010 Version 1.1 CONTENTS 1. Introduction 2. Protection against Nasty Code 3. System Security Maintenance 4. Personal Firewalls 5. Wireless

More information

Information Technology Security Procedures

Information Technology Security Procedures Information Technology Security Procedures Prepared By: Paul Athaide Date Prepared: Dec 1, 2010 Revised By: Paul Athaide Date Revised: September 20, 2012 Version 1.2 Contents 1. Policy Procedures... 3

More information

Top 10 Security Checklist for SOHO Wireless LANs

Top 10 Security Checklist for SOHO Wireless LANs Expert Reference Series of White Papers Top 10 Security Checklist for SOHO Wireless LANs 1-800-COURSES www.globalknowledge.com Top 10 Security Checklist for SOHO Wireless LANs David Coleman, AirSpy Networks

More information

Penetration Testing Report. Client: xxxxxx Date: 19 th April 2014

Penetration Testing Report. Client: xxxxxx Date: 19 th April 2014 1. Executive Summary Penetration Testing Report Client: xxxxxx Date: 19 th April 2014 On the 19th of April, a security assessment was carried out on the internal networks of xxxxxx, with the permission

More information

Security & SMEs. An Introduction by Jan Gessin. Introduction to the problem

Security & SMEs. An Introduction by Jan Gessin. Introduction to the problem Security & SMEs An Introduction by Jan Gessin Introduction to the problem SMEs convinced it will never happen to them. In many ways SMEs are more of a target than big business. Harsh realities of the online

More information

How To Secure A Remote Worker Network

How To Secure A Remote Worker Network Key Steps to a Secure Remote Workforce Telecommuting benefits the employee and the company, the community and the environment. With the right security measures in place, there s no need to delay in creating

More information

WLAN Security Networking with Confidence

WLAN Security Networking with Confidence WLAN Security Networking with Confidence Introduction So you ve just installed a new wireless local area network (WLAN) in your small business or home. The access point is on and connected, the client

More information

What are Hosted Desktops?

What are Hosted Desktops? Hosted Desktops An introduction to Hosted Desktops from Your Office Anywhere Hosted Desktops from Your Office Anywhere provide Flexibility, Reliability and Security and offer genuine cost savings against

More information

Why you need. McAfee. Multi Acess PARTNER SERVICES

Why you need. McAfee. Multi Acess PARTNER SERVICES Why you need McAfee Multi Acess PARTNER SERVICES McAfee Multi Access is an online security app that protects all types of devices. All at once. The simple monthly subscription covers up to five devices

More information

INTERNET & COMPUTER SECURITY March 20, 2010. Scoville Library. ccayne@biblio.org

INTERNET & COMPUTER SECURITY March 20, 2010. Scoville Library. ccayne@biblio.org INTERNET & COMPUTER SECURITY March 20, 2010 Scoville Library ccayne@biblio.org Internet: Computer Password strength Phishing Malware Email scams Identity Theft Viruses Windows updates Browser updates Backup

More information

Link Layer and Network Layer Security for Wireless Networks

Link Layer and Network Layer Security for Wireless Networks Link Layer and Network Layer Security for Wireless Networks Interlink Networks, Inc. May 15, 2003 1 LINK LAYER AND NETWORK LAYER SECURITY FOR WIRELESS NETWORKS... 3 Abstract... 3 1. INTRODUCTION... 3 2.

More information

Student Halls Network. Connection Guide

Student Halls Network. Connection Guide Student Halls Network Connection Guide Contents: Page 3 Page 4 Page 6 Page 10 Page 17 Page 18 Page 19 Page 20 Introduction Network Connection Policy Connecting to the Student Halls Network Connecting to

More information

7 Critical Facts Every Business Owner Must Know About Protecting Their Computer Network From Downtime, Data Loss, Viruses, Hackers and Disasters

7 Critical Facts Every Business Owner Must Know About Protecting Their Computer Network From Downtime, Data Loss, Viruses, Hackers and Disasters 7 Critical Facts Every Business Owner Must Know About Protecting Their Computer Network From Downtime, Data Loss, Viruses, Hackers and Disasters If You Depend On Your Computer Network To Run Your Business,

More information

National Cyber Security Month 2015: Daily Security Awareness Tips

National Cyber Security Month 2015: Daily Security Awareness Tips National Cyber Security Month 2015: Daily Security Awareness Tips October 1 New Threats Are Constantly Being Developed. Protect Your Home Computer and Personal Devices by Automatically Installing OS Updates.

More information

Security Awareness. Wireless Network Security

Security Awareness. Wireless Network Security Security Awareness Wireless Network Security Attacks on Wireless Networks Three-step process Discovering the wireless network Connecting to the network Launching assaults Security Awareness, 3 rd Edition

More information

If security were all that mattered, computers would never be turned on, let alone hooked into a network with literally millions of potential intruders. Dan Farmer, System Administrators Guide to Cracking

More information

INFORMATION SECURITY FOR YOUR AGENCY

INFORMATION SECURITY FOR YOUR AGENCY INFORMATION SECURITY FOR YOUR AGENCY Presenter: Chad Knutson Secure Banking Solutions, LLC CONTACT INFORMATION Dr. Kevin Streff Professor at Dakota State University Director - National Center for the Protection

More information

Introduction to Computing @ WSU

Introduction to Computing @ WSU Introduction to Computing @ WSU Table of Contents 1 - Information Technology (IT) Security... 2 Information to Remember... 2 2 - Malware... 2 Information to Remember... 3 3 - Firewalls... 3 Information

More information

TMCEC CYBER SECURITY TRAINING

TMCEC CYBER SECURITY TRAINING 1 TMCEC CYBER SECURITY TRAINING Agenda What is cyber-security? Why is cyber-security important? The essential role you play. Overview cyber security threats. Best practices in dealing with those threats.

More information

The next generation of knowledge and expertise Wireless Security Basics

The next generation of knowledge and expertise Wireless Security Basics The next generation of knowledge and expertise Wireless Security Basics HTA Technology Security Consulting., 30 S. Wacker Dr, 22 nd Floor, Chicago, IL 60606, 708-862-6348 (voice), 708-868-2404 (fax), www.hta-inc.com

More information

OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875

OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 Understanding Information Security Information Security Information security refers to safeguarding information from misuse and theft,

More information

This guide will go through the common ways that a user can make their computer more secure.

This guide will go through the common ways that a user can make their computer more secure. A beginners guide in how to make a Laptop/PC more secure. This guide will go through the common ways that a user can make their computer more secure. Here are the key points covered: 1) Device Password

More information

Roger s Cyber Security and Compliance Mini-Guide

Roger s Cyber Security and Compliance Mini-Guide Roger s Cyber Security and Compliance Mini-Guide A Mini Guide for Small and Medium Business and not for profit organisations. By Roger Smith Managed Service Provider and Cyber Security Coach R & I ICT

More information

Business continuity. Protecting your systems in today s world

Business continuity. Protecting your systems in today s world Business continuity Protecting your systems in today s world Introduction Lee Drake, OS-Cubed, Inc. Contact: ldrake@os-cubed.com Phone: 585-756-2444 30 years of support LOL Cat warning Warning this presentation

More information