Small & Medium Business

The Basics of Securing My Business

The Basics of Securing My Business

What You Need to Know about Securing Your Business

In today's business world, there's nothing as essential - or as vulnerable - as your business network. It provides access to your critical applications and houses your sensitive company and customer data. A single network security breach can shut down your operations for days or allow a hacker to steal vital business data. The FBI estimates that US businesses lose US$67.2 billion annually due to computer-related crime.

That's why it's important to secure your network against these common threats:

  • E-mails and Website visits that can introduce viruses, spyware, and malware. These malicious programs can install themselves on your computers and record passwords or troll through files for credit card, bank account, and other sensitive information.

    The use of Web sites to host malicious code is exploding. Antivirus vendor Sophos reported that it was identifying 30,000 new malicious Web sites per day. These malicious Websites—as well as many legitimate sites that were infected with malicious code—infect millions of users each year.
  • Human intruders who can steal sensitive information about your company or customers. The number of organizations targeted by professional attackers is likely to grow. While much of the current professional cybercrime activity targets home users, organizations will likely see more infected systems attempting to access protected networks.

    Never assume network attacks will only come from outsiders. Loyal employees can inadvertently create security vulnerabilities. And disgruntled or former employees can cause considerable damage if they have access to secure information.

How Things Will Change: Protected from Threats
Things to Consider: Developing a Security Game Plan
Down the Road: Room to Grow and Adapt - Securely
Top 5 Questions to Ask a Partner about Network Security

How Things Will Change: Protected from Threats

Securing your network isn't just a defensive strategy. In addition to safeguarding your network from hackers and disasters, a secure network can help you:

  • Adapt more quickly and confidently to changing business conditions.
  • Build a secure foundation for e-business transactions.
  • Make sure you're in compliance with industry and government regulations. This is particularly useful for companies in healthcare, government financial services, and other industries where security levels are high.
  • Give your employees the widest appropriate levels of access to the tools and applications they need, whether they're working on their office desktop, in a hotel room or on the road.
  • Promote collaboration by allowing non-employees such as vendors and partners to access your network with appropriate controls.
  • Improve productivity by ensuring network "uptime" and by recovering more quickly from network security breaches, if they happen at all.
  • Enhance your customer's experience by allowing them to access confidential information on your network that is applicable only to them and assuring customers that security solutions are in place to protect their vital data.
  • Reduce the risk of litigation from loss of data or security breaches.
  • Extend your recruiting reach by allowing you to hire remote teleworkers who can have full and secure network access.
  • Introduce worker flextime as a human resources benefit by giving employees options where and when they work, securely.
  • Add new locations, branches, and offices quickly, without the need to worry about security or redesigning a security system from scratch.

The computing world is becoming more complex and new threats are introduced every day. Your company, regardless of size, needs a security solution that's designed to fit your needs right now and is capable of adapting to changing security threats.

Return to top

Things to Consider: Developing a Security Game Plan

Network security is like the proverbial chain. It's only as strong as its weakest link. Your network is most secure when:

  • All policies, procedures, software and devices work together to provide a secure and adaptive system.
  • Threats are contained at every entry point of entry.
  • The network can automatically adapt to new and changing threats.

Because you don't want a piecemeal approach, it helps to work with trusted vendors who can provide end-to-end security from the network foundation to the remotest laptop accessing your customer data. It's also important to work with a consultant who understands the right balance between security and usability.

"Creating a security solution is a lot like picking items from a menu, it all depends on your company's needs," says Craig Martin, a security solutions architect for Sentinel Technologies, Inc., a Cisco Certified Security Partner in Downers Grove, Illinois.

A consultant will begin by working with you to review your company's needs, plans, vulnerabilities, and mission-critical assets and applications. Once the review is complete, your security partner will present a security game plan customized for your company.

Firewall: The Essential Protector
The one security item every company needs is a firewall, a security appliance that attaches to your network and acts as the protective shield between the outside world and your wired and/or wireless network. A firewall continuously inspects traffic and matches it against a set of predesigned rules. If the traffic qualifies as safe, it's allowed onto your network. If the traffic is questionable, the firewall blocks it and stops an attack before it enters your network.

Safe E-Mailing and Internet Browsing
If your employees send e-mails and browse the Internet (and what employees don't?), you should consider a comprehensive security solution that includes e-mail security, Web gateway security, and URL filtering. With these security technologies you can...

  • Vigilantly monitor the content of your inbound and outbound company e-mails and monitor visited Web sites to make sure no viruses, spyware, malware, or other malicious threats can infect your network.
  • Update automatically, several times a day, even without slowing down the system or requiring human intervention.
  • Avoid interrupting your workers. These technologies are largely invisible to employees, so they can enjoy security benefits without the hassle of security management.
  • Prevent employees from visiting sites with illegal or offensive content. This helps keep your workers productive and reduces the risks of human resources problems that can occur when employees are unvoluntarily subjected to sexist, racist, or other objectionable material in the workplace.

Other Solutions to Consider
What other security solutions do you need? Depends on what you're doing:

  • Connecting partner and branch offices: If you have many locations that will connect to your central network, your partner might recommend a virtual private network (VPN). A VPN securely and inexpensively uses the public Internet, instead of privately owned or leased lines, to provide remote offices and individuals with secure access to your organization's network.
  • Computing at home and on the road. Are your employees using laptops from home or on the road? VPN makes sure that every computer that connects to your network -- from any location - is secure.
  • Protecting customer data. The last thing you want is unauthorized people obtaining sensitive customer information. Data security software enforces policies that dictate how customer information is used, copied, and accessed.

"All these solutions are easily integrated with most existing networks, they can be rolled out in phases, and they can be up in running in a matter of days," says Martin. "And once they're installed, they are easy to maintain and administer."

Small and medium-sized businesses are affected by security issues, just like enterprise customers, but they have fewer resources to manage security by themselves - all the more reason to work with a trusted security partner.

Managing risk effectively also entails informing employees about where and how potential security threats originate and teaching them how to respond. And it involves putting mechanisms in place to keep the lines of communication open inside and outside the organization during a potentially disruptive occurrence.

Return to top

Down the Road: Room to Grow and Adapt - Securely

Who knows what the future will bring? Perhaps your company will add new employees or locations, merge with another company, or enter new markets where security is highly regulated. This much is certain: New security threats will appear, challenging the integrity of whatever security solution you have in place.

In order to have security on your network that grows with your business, it's important to keep five things in mind:

  • Your security hardware and software should be scalable and extensible. "Scalable" means you can add users and locations without worrying about hitting a ceiling. "Extensible" means you can add features and make adjustments as security needs change. Scalable and flexible security technology keeps your security up to date while protecting your original investment in security hardware and software.

    You should only deploy security hardware and software offered by a vendor with the financial and technical wherewithal to continually develop, test, and improve its security solutions. * Vendors that sell to larger enterprise customers will most likely have developed solutions designed to meet the most demanding security needs. These vendors will have tested these solutions extensively and will most likely be the first to market with new solutions as security threats warrant. Many vendors apply the advanced technology they've developed for enterprises to products tailored to the small and medium-sized business market.
  • You're working with a certified and experienced security partner. Your security needs will no doubt change over time, and therefore it's important you select a security partner or consultant that can provide you with ongoing assistance as needed. A good partner will help your identify security challenges before they become problems. They'll know how to properly install and monitor solutions and they'll now what new solutions are available to help you solve your particular security needs.

    * Look for a partner that can help you create security solutions quickly. The last thing you want is to delay the opening of a new office or lose customers because security efforts aren't adequate or in place.

Return to top

Top 5 Questions to Ask a Partner about Network Security

When interviewing potential security partners, here are a few great questions to ask.

  1. Do you specialize in working with small and medium-sized businesses (SMBs)? Cisco has a network of certified partners who specifically focus on providing technology solutions and support to SMBs. Many of these partners are SMBs themselves, so they understand the business challenges you face and the goals you have in mind. Cisco certified partners have proven their qualifications in specialized technologies. They have the training, support, and services to design, deploy, and optimize networking solutions for your business. They also stay up to date on the latest software and hardware changes as well as upcoming Cisco products and solutions.
  2. What do I need to add to my network? A Cisco partner can discuss your network security business requirements and evaluate your current systems and network infrastructure. From there, a Cisco Partner can present network security solution options that will meet your needs today, grow with your business over time, and fit within your budget requirements.
  3. How can I minimize my overall costs? An end-to-end solution from Cisco is easier to maintain and support than a piecemeal, multivendor solution. Also, when budgeting for network enhancements, always take into account the cost of any software not included with your hardware purchases; maintenance; training; support; additional staff (if needed); and other factors. Research firm Gartner estimates such indirect costs account for up to 60% of an organization's total technology expenditures. Your Cisco partner can help you budget for all direct and indirect costs related to your network enhancements.
  4. What happens if there's a problem? Ask your partner detailed questions about the support he or she can offer after the sale. For example: Does the partner offer after-hours or emergency support? If so, during what hours is that support available? The specific support levels offered should be detailed in a service level agreement (SLA).

    Also, keep in mind many Cisco partners offer an award-winning technical support service that offers anytime access to Cisco engineers and an extensive range of technical resources.
  5. What do we need to do to prepare? Before the installation, ask your partner what information—about your network, users, business procedures, and security requirements—he or she needs from you to make the network upgrade go as smoothly as possible. Also ask your partner what are the common oversights or challenges businesses like yours face when upgrading their networks, and how you should prepare for them.

Questions?

Contact a Cisco partner to learn more and get exactly what you need.

Return to top

Did This Website Help?
Ad Banner