Securing your Business from Cyber Threats

What can you do to secure your business from the current internet threats? Listening to all the news about botnets, google being hacked, cybercrime and even cyber threats from terrorists have a lot of business owners alarmed.

What can you do to secure your business from these internet threats? Here are some safety tips:

  • Make sure you have a Firewall/ Router installed, especially for Broadband connections
  • Windows Firewall activated on your local machine offers an extra layer of protection
  • Make sure you change the default passwords for your Firewall/ Routers/ Wireless routers
  • Do not use WEP on your Wireless routers, use WPA or preferably WPA2.
  • Make sure that your system is set to get Microsoft Updates Automatically (Or from your Server)
  • Check that it is actually updating
  • Check that your server and workstations have anti-virus installed and that it is being updating automatically
  • Each computer should also have anti-spyware protection (I prefer PCTools Spydoctor with Anti-Virus)
  • Turn off services on your server that are not being used
  • Use different passwords for different sites
  • Use complex passwords (Upper/Lower case letters, numbers and symbols) on banking and shopping sites.
  • Clear your internet history after visiting a shopping site or online banking

That will help against a lot of the exploit type threats. Security updates are paramount, it has been said that an un-patched machine on a broadband connection will be infected within 20-30 minutes. The next threats are the phishing type threats. These are online threats where they try to get you to install software on your machine that they can use to connect covertly to you. These programs communicate from your machine back to the attacker machine, passing through your firewall. To protect against these threats:

  • Do not go to any online stores or sites that say that the site certificate is not valid.
  • For any online banking/ shopping, make sure that the address in the browser starts with HTTPS, instead of just HTTP. HTTPS means that your browser is communicating to the website using encrypted or secure text.
  • Do not install “Video Codecs” to watch a video. Many times this is malware. Watch videos at youtube, or another common video site.
  • Do not run any virus scans that come up in your internet browser on a web page. This is a well known scam to install an actual virus on your machine. Do not click “yes”, “no”, or even “Cancel” on the page as it will still install the virus. Yeah, I know, they are evil. The best way to exit the webpage, and any page that won’t let you exit is to right click the internet explorer icon in the bottom bar on your screen and click “close window” with the left mouse button. If this will not work, then you have to press the Ctrl, Alt and Del keys all at once, click “Start Task Manager” and then click the APPLICATIONS tab. Find the Internet Explorer session running in APPLICATIONS and click it. Next click “End Task”.  It should close right away, if not a message may pop up asking you if you want to “end task” select “yes” or “ok” or “end now” (depending on your OS version).
  • Make sure your Adobe Reader is up to date. Click “Help” on the menu bar and “Check for Updates”. PDF files are a top target for hackers now, so make sure that your reader is current.
  • Do not click on links in e-mail messages. Hackers are spoofing e-mails, making it look like they are from name brand companies, but the links send you to compromised sites. Manually type the company address into your browser and surf there yourself.
  • Do not run programs from sites that you do not know. A recent botnet attack sent out e-mails that looked like government correspondence that said that North Korea had Nuked South Korea, and to see the news report you needed to unzip the file and run it. Believe it or not, many people did.
  • Don’t accept people that you don’t know into your social site or run programs from them. Botnets have been using techniques like this to spread via Facebook, etc.

Okay, these are the top security concerns. If you follow these tips you should be in pretty good shape. It’s a lot, I know, but the attacks are becoming very sophisticated. Just be careful online. If a site looks or feels questionable, don’t give them your credit card number. I have even heard of some sites selling Adobe Flash player and Adobe Reader, which are free programs. The best rule is “When in doubt, don’t.” I hope this helps. Please let me know if you have any questions.

D. Dieterle

 

~ by D. Dieterle on April 2, 2010.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: