When it comes to network security, it is easy for Small to Medium sized Business (SMB) owners to say “not me”, and “they are only after the big guys.” This is because the news media only reports attacks on big companies, since they affect the most people and are therefore more sensational, drawing more viewers. The reality is that attacks on SMB computers and data are far more common and more likely to be successful. This is because they have fewer protections, have non-existent security policies, and are not maintained nearly as well.
The threats to your business are not limited to ransomware; they also include identity theft, extortion, and even disgruntled employees, among others. A typical attack will start by gaining entry into one system (a computer or other internet connected device), then silently spread to other devices. After the initial access, the attackers try to give themselves permanent access and start harvesting data that they can sell, such as Personally Identifiable Information (PII), username/password combinations, financial/bank account information, and other sensitive information. The next steps are to encrypt important files in order to cripple your business and demand a ransom to get your data back. After the ransom is paid, they will often threaten to disclose the info they stole unless you pay an extortion payment. Some of the less scrupulous hacker organizations will sell your data whether you make the extortion payment or not.
To make matters worse, they often will leave a back door into your systems so they can repeat the process in the future. Interestingly, some hackers will actually patch your system vulnerabilities to prevent their competitors from having access to your data. This way, they will have exclusive access to your data and can charge a higher price when they sell it.
It has been estimated that every year, more than half of all SMBs are successfully breached and the average breach remains undetected for more than a year. It is well known that all internet connected devices are attacked (but not necessarily hacked successfully) within minutes of connecting to the internet.
To properly protect your computing environment, you need multiple layers of protection. Below are listed just some of the layers of protection necessary to protect you from hackers, ransomware, and other malicious actors. Every organization is unique and can be required to comply with different security standards, so contact us if you would like us to do a security assessment and provide you with a customized list of recommendations for your business.
- Updates – Keeping computers and network equipment updated is one of the most effective steps to preventing a possible network security issue. This step is so critical that if you skip it, you undermine ALL of your other security protections.
- Pen Testing – More regulatory bodies are requiring pen testing (penetration testing) for compliance certification. It has become an important tool to find your vulnerabilities so you can secure them before a hacker discovers one. Our Pen Testing team uses AI (Artificial Intelligence) along with security professionals to detect vulnerabilities faster, more efficiently, and at lower cost than using traditional White Hat Hackers alone.
- Firewall – A common mistake most SMBs make is the lack of proper security at the border where your network connects to the internet. Most people think that a properly configured firewall is good enough to just “set it and forget it”. The truth is that hackers nowadays assume there is a firewall in place and are constantly developing new tactics and tools to make your unmonitored and unmaintained firewall ineffective against their assault. Like any computing device, your firewall should be patched, updated, and monitored to adjust to the new hacker tactics and tools. The firewalls we provide with our managed firewall service are actually Unified Threat Management (UTM) devices, which include many advanced features, such as:
  - Gateway Virus and Malware Filtering
  - Intrusion Protection Service (IPS)
  - Web Application Filtering (WAF)
  - Content Filtering
  - Domain Name System (DNS) protection, among others
  We also update the firewall’s firmware as new updates become available, so your protection stays effective and doesn’t become obsolete just a few months after installation.
- Passwords – Passwords and password protection are proving to be an area that needs attention when discussing network security. Using sophisticated software and tools, hackers are easily gaining access to small business networks through simple or default passwords. We can also educate you on the difference between a password that looks secure, but isn’t, and a password that is secure, but can be easy to remember. You don’t have to make a password hard to remember in order for it to be secure.
- Endpoint Protection – (Formerly known as antivirus or antimalware.) Most people know that antivirus and antimalware software are necessary components of network security, but they unwittingly use substandard or ineffective antivirus products, which don't properly protect their computer systems in today's environment of advanced threats.
  - Most people think that all antivirus/antimalware products are basically the same, but that is not the case. Newer technologies have evolved rapidly in the past few years on both sides of the war on data theft. With thousands of ransomware variants being released daily (and that is just one threat to your data), the old signature based and behavior based virus detection systems that most antivirus software uses are outdated and let far too many threats sneak into your network. You should really be using the newer, AI (Artificial Intelligence) based detection systems with deep learning technologies that don't rely on signatures and behavior alone, and can catch the more elusive malware types.
  - The latest trend in malware is to use "living off the land" attacks, which use tools already present on your computer. These attacks allow the attacker to just walk right through most virus protection systems since there are no malicious files on your disk to analyze. Your malware protection system needs to defend against these types of attacks, along with the older style of attacks.
  - In this current ransomware epidemic, it is critical that you be able to undo or roll back the encryption that locks you out of your data. While you can do this by restoring a good backup, it would be really nice to have this feature built in to your endpoint protection. While there are some products that do this, there are differences in the features and the effectiveness of the various solutions.
  - Contact us if you need assistance in selecting the right endpoint protection for you.
- Email Threat Protection – A major advancement over spam filtering, Email Threat Protection (ETP) is more important than ever. You need to block not only spam, but also embedded malicious software, links to malicious websites, phishing emails, spear phishing emails, and Business Email Compromise (BEC) emails. Also, a properly configured email system is critical to work with ETP to prevent BEC, which can divert your clients’ payments to a hacker’s account instead of being sent to your business’s account.
- Zero Trust Network Access – Zero Trust Network Access (ZTNA) is one of the latest buzzwords security professionals are using today. ZTNA provides additional protection by verifying not only the user, but also the computer before allowing it to access your network. As part of the computer’s verification, it checks with the computer’s endpoint protection to verify it is functioning properly and that there are no detections of malicious software on the computer. ZTNA can be used in combination with your public cloud application’s security to require your remote users to access that application through your company’s firewall for improved protection against hackers.