If you are thinking about starting a business, information systems will probably factor into your plans at sometime. The business will require some sort of application software and the requisite information created from the application – whether the solution is simply an Excel spreadsheet or something more advanced and automated like QuickBooks Pro or an enterprise resource management system. Subjects like disaster recovery, data protection, cyber security, web filtering, etc., are subjects entrepreneurs should be thinking about. Securing your business is the next article in a series of articles that will introduce the new,and experienced, business owner to information technology intricacies that should be included in your business plans. Because security should be a layered approach this first issue will introduce the idea of Network Security.
Cyber security should be a layered approach like the physical security of your business. To secure your business for the evening, you lock yours doors and windows, turn on an alarm system, lock up your valuables or whatever is important to you in a safe or take the items off site with you. Cyber security is no different and maybe even a little more intimidating. At least physical security is somewhat of a tactile event, meaning you can touch and feel what you are trying to protect. With computer systems, attacks can appear intangible until the systems are penetrated and information is stolen. If your business is connected to the Internet, someone is trying to break into your network or, at the very least, scanning your network looking for vulnerabilities to exploit all of the time.
During research regarding next generation of cyber attacks, the analysis clarified the attackers are targeting applications and users more than network vulnerabilities. Further complicating matters, the attackers are preying on home networks and smaller businesses. Why? Most of the time, owners of the systems believe they are off the radar of malicious individuals when in fact smaller networks appear easier to penetrate and manipulate. From these launching points, the perpetrator can exploit larger institutions from the trusted smaller entity.
Applications become the point of attack because the operation of the software relies on ports being open through the firewall or router. An example of a port would be http. In order for http to work, TCP port 80 must be allowed. So if Joe Hacker writes an exploit that works over TCP port 80, you cannot block the attack unless you do not want to use http or the appropriate changes are made to mitigate the exploit.
Users are exploited by tempting emails and malicious websites that entice users to click links that unleash exploits to infect the computer with worms, viruses, trojans, rootkits, or botware. Being infected by a rootkit usually means the owner of the computer system will be re-installing the operating system and applications in order to eradicate the infection. Rootkits are particularly painful because the exploits become part of the operating system. One rootkit went so far as to install an anti-virus tool to keep other competitors away from their property.
If the business is connected to the Internet, a router is the bare minimum you need for separation. Using a router as a security device, there should be an access control list to deny or allow what enters and exists your network – ideally, deny should be the default and allow is the exception. At best, the network should have a firewall and screening router for homes and businesses that have a cable modem or DSL connection. Unfortunately, configuring and maintaining firewalls is not for the faint of heart. Please keep in mind a firewall is just a computer with multiple network cards installed and highly specialized software. Firewalls are somewhat “geeky” and unfriendly to say the least.
Cisco Pix firewalls are good but there is really no such thing as a Graphical User Interface (GUI) to manage and setup the firewall. Check Point and Juniper for small businesses are not any friendlier because they have a GUI. And those devices can be “pricey”. You can also look at an open source solution for your firewall solution. Open source will be free for the software – which is what a firewall really is – sophisticated software. You will need to have the hardware already but you do not have to have the newest greatest hardware. I used an old desktop computer and added an extra network card to build a firewall.
– Considerations for securing your network:
– Web Filtering
– Intrusion Detection Systems or Intrusion Prevention Systems
– Stateful Inspection
– Application Filtering
– Spam Filtering
Web filtering is a must if you have children in your family or employees in your company. Trying to filter websites is an interesting task but you can save yourself a lot of trouble by blocking certain Internet sites. Web filtering can be expensive but there are free alternatives. For instance, savvybuyerhub OpenDNS is a free service your business can run today with immediate results to filter your Internet connections. All you need to do is change the DNS entry in the DHCP server whether it is a cable or DSL modem. You can filter out pornography, parked domains, advertising, etc. You will need to setup an account before you can use the service. I would also recommend installing the OpenDNS client to help keep track of our IP address. Most cable or DSL connections use dynamic host configuration protocol (DHCP) to allocate addresses.
For larger implementations, a unified threat management device can be used. These devices can filter out spam, catch known malware as the exploits are entering your network, intrusion prevention systems eliminates known network threats, as well as performing standard packet inspection. A professional should be hired to install a UTM. The UTM professional should be able to help you get the filtering setup properly. Negotiate a maintenance agreement when you purchase the device. The maintenance should be negotiable. If you cannot get a fair price, look for someone else that knows your product. Best vape shops in USA
Protecting your business at the network layer is a wise move but just putting in a screening router and firewall is only half the equation. Firewall and router logs should be kept for a time so the history can be analyzed. But, analyzing security logs takes a certain amount of skill and knowledge. It should be possible to find a managed service to take care of the your firewall and the rules involved to secure the network. That is why you need a maintenance agreement or hire a managed service. One of the first things done for your network is to perform a baseline evaluation. The baseline will provide a level set of what is normal for your network. The MSP or maintenance agreement should provide a monthly report showing the traffic being blocked or filtered. Buy OL-Tramadol online
I have mixed feeling regarding filtering ports. As stated earlier, the astute hacker will exploit ports that are open all the time such as 80, 443, 25, 53, etc. But some sports should never be allowed open. Ultimately, you will need to filter source ports 22-23 TCP, 135-139 TCP /UDP, 445 TCP/UDP, 1433-34 TCP/UDP, 389 TCP/UDP, 161-62 TCP/UDP existing your network. You could also block these same ports coming into your network.