A secure network for a small business is no small matter, so what's to be done?
Small businesses normally have a small network staff, perhaps a well-rounded computer person who seems to know about every aspect of computing and networks, someone to whom you can entrust your system, and your network security. If you're such a person, or in charge of such a person or small IT staff, you'll want to be certain that your network is truly protected.
The reasons are obvious: information theft and software corruption. This is especially important if your systems are exposed to the internet, which, of course, most are. There is an abundance of infiltrators out there trying to get into your data, maybe into your accounting system or bank accounts.
Then there's the possibility of identity theft, the theft of your employees social security numbers, for instance. These infiltrators are ingenious and are constantly seeking new ways to get in. They know that a small business, probably not having a person or unit solely dedicated to network security, is the easier target among businesses.
They know that most small businesses buy ready-made network systems, systems that you or your staff may be competent to install, but not necessarily competent to secure. A small business is prime pickings.
Networked systems out-of-the-box will claim security is guaranteed because getting into the system requires a password. Did you know that there are programs that can figure out your passwords? These run at terrific speeds, trying every possible combination of characters, starting with those most often used. Your best bet is to enforce a password policy that requires some odd combination of characters.
For instance, you could require all passwords to have at least one numeral in them. You could also require lengthy passwords. These take a lot longer to crack. There is also the normal protection of allowing a user only three tries before breaking connection. The cracker has to keep re-connecting to try new combinations. It's a good policy if you want passwords and can be an effective network security technique.
A common security hole in small businesses is the trust you must place in your employees. Sure, they're okay when you're paying them, but after they leave, well, watch out for some of them at least. Security is constantly compromised by ex-employees who have taken passwords with them.
They are able to get into your systems in a variety of ways, or they can simply let others know how to get into them. When an employee leaves, as that employee is walking out the door, this access should be stopped, his passwords changed, or his account(s) removed. Don't forget to cut off email access as well.
Small business network security also means that you've configured your systems when they are installed. Most out-of-the-package systems come with all doors open, especially firewalls. Be forward-looking: to hire a systems person who has a good knowledge of firewalls. Don't trust the vendor's assurance. Close those doors.
Also, make sure you, or your staff, is doing everything to prevent virus infection. It's an epidemic! About 1200 new ones come up every month; your installed anti-virus software may not recognize them. Keep anti-virus software up to date, limit downloading, and layer your security so that each layer, network and LAN, email and individual workstations, have anti-virus software.
Because network security is so important to your business, and there are other considerations, strategies, and techniques to secure your network, perhaps the best approach is to find a good network security consultant, have them study out your systems, and provide recommendations. They may be worth the cost, but if they're any good, you'll never know it, because you won't have a security breach. Ironic.