Hackers and cyber criminals don’t just target the big organizations. Small businesses can also be a goldmine, whether via targeted attacks or just stumbling upon a lost smartphone or flash drive. Thus small businesses should secure their network and data as much as they can. And here I’ll share some tips to help.
Securing Your Network
Wi-Fi security is extremely important to prevent those nearby from connecting to or hacking into your network. Though the Personal (PSK) mode of WPA2 with a strong global password can provide good security, it isn’t designed for business use. The Enterprise mode of WPA2 with 802.1X authentication, however, allows you to assign each user their own username and password to log onto the Wi-Fi. Thus you can change or revoke access when an employee loses a Wi-Fi device or leaves the organization. To use the Enterprise mode of WPA2 you must have a RADIUS server. FreeRADIUS is an open source option, but there are also cloud-based services that can host the server for you.
For more on deploying enterprise Wi-Fi security in small businesses, see a past article.
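As an added illustration (not from the original article), per-user Wi-Fi logins in FreeRADIUS might look like the following. The usernames, passwords, access point address, and shared secret are constructed placeholders, and the location of these files varies by FreeRADIUS version and distribution.

```conf
# --- clients.conf: register each access point allowed to query the RADIUS server ---
client office-ap-1 {
    # Constructed example address of the access point
    ipaddr = 192.0.2.10
    # Must match the RADIUS secret entered on the access point
    secret = REPLACE-WITH-LONG-RANDOM-SECRET
}

# --- users file: one entry per employee instead of one shared Wi-Fi password ---
alice   Cleartext-Password := "REPLACE-alice-passphrase"
carol   Cleartext-Password := "REPLACE-carol-passphrase"

# Bob left the organization: rejecting his account cuts off only his access.
# Nobody else has to change a password, unlike with a shared PSK.
bob     Auth-Type := Reject
```

Because the users file holds passwords, keep it readable only by the account the RADIUS service runs as.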
Enabling encryption is just one step to help protect your network. Also ensure your network is physically secure to prevent employees and visitors inside from tampering with your hardware or settings. Ensure your modem, router, access points, and cabling are all hidden and inaccessible to the public and regular employees. Educating your employees can also help. For instance, let them know who can connect to the network, who can access the equipment, and ensure they don’t connect to neighboring Wi-Fi networks.
Securing Public Wi-Fi Connections
It’s not only your company network you need to worry about, but also the other networks employees connect to with their laptops and mobile devices when they are out and about. If the network isn’t encrypted, as is the case with most public hotspots, eavesdroppers nearby can capture their Internet activity and possibly passwords and other sensitive information.
For more on public Wi-Fi security risks and preventative measures, check out a past article.
Protecting Your Smartphones and Tablets
Even though you might not store sensitive files on your smartphone or tablet, you still don’t want others accessing them if they become lost or stolen. They could access your email, messages, contacts, and call logs, as well as apps you have installed that may contain sensitive info or data. They could even gain access to your home and work Wi-Fi network if you have configured the device to connect.
To prevent others from accessing your mobile devices if they become lost or stolen, set a PIN or password. Though it’s not convenient to enter it every time you get on the device, you’ll have peace of mind later if it becomes lost or stolen.
And to track down your mobile devices if they become lost or stolen, consider installing an antitheft app. These allow you to remotely control the device from a PC or other device. Most allow you to view the device’s GPS location on a map, make it sound a siren (even if it’s set in silent mode), set a PIN or password if you haven’t already, and even wipe the phone if you think you won’t get it back.
For Android devices consider an anti-theft app that also provides antivirus and malware protection, such as Lookout Security & Antivirus, avast! Mobile Security, or Norton Security & Antivirus. For Apple iOS devices Apple offers Find My iPhone, iPad, or Mac via the iCloud service. BlackBerry offers BlackBerry Anti-Theft Security and Windows Phone provides Find My Phone via Windows Live.
Securing Your Laptops
A Windows password can be easily bypassed by removing it using bootable software or connecting your hard drive to another computer, allowing thieves access to your files, email, passwords, and other sensitive data. Though Windows 8 certified laptops have Secure Boot to help prevent these types of attacks, it can be bypassed. Thus you should consider encrypting the entire hard drive on your laptop.
If running the Ultimate or Enterprise editions of Windows Vista or Windows 7, you can use the BitLocker Drive Encryption tool to encrypt entire volumes, including the Windows volume. If you don’t have these premium editions, or are using Windows XP, you can use third-party encryption solutions. DiskCryptor is one solution that lets you encrypt existing system volumes without formatting or reinstalling Windows.
Protecting Your Portable Drives
A lost or stolen drive can also have serious consequences depending upon the data you store on it. In addition to losing your files, anyone else who gets their hands on it can easily access your files if you don’t properly secure your flash or portable drive. You should use some type of encryption to protect your data. Keep in mind, simple password-protection can usually be easily cracked—ensure you use a true encryption method.
Some programs (like Microsoft Office 2007 and later) allow you to encrypt individual files you create using that program, which can provide reasonable security depending upon the exact encryption method used. But consider using an encryption method that lets you protect all the data you store on it.
You can buy drives that come loaded with an encryption solution already—usually costing more—or use third-party solutions. Microsoft offers the BitLocker To Go feature that allows you to encrypt portable drives in the Enterprise and Ultimate editions of Windows 7 and later for use on any PC running Windows XP and later. Plus there are many other free solutions, such as FreeOTFE and TrueCrypt.
Securing Your File Backups
Backup security is often forgotten about, but it is very important. Whatever your backup solution is, you should ensure your files are kept encrypted, especially if backed-up data is kept on discs or portable drives that can easily be forgotten about or carried off, or when using third-party online storage.
Protecting Against Malware and Intrusions
Though Wi-Fi hacking and mobile device theft are getting a lot of attention these days, don’t forget about those good old viruses and hackers. Ensure all computers and devices employees use for work are actively protected against malware and intrusions, and don’t forget about employee laptops and Windows tablets. Consider implementing a managed end-point solution where you can monitor the devices. Also consider using a security suite on smartphones and tablets.
I shared many tips on securing your network, files, computers, and mobile devices. Always remember to use encryption when you can and consider the physical security of your network and devices as well. It’s also a good idea to keep an up-to-date inventory of all networking and tech products.