The news has been filled lately with articles about the dangers of using open access Wi-Fi in public spaces. Journalists have reported how hackers are able to use spyware to obtain information from people’s laptops, tablets and smartphones with the aid of fairly innocuous looking devices. Unfortunately, as we all access the internet in ever increasing numbers and via multiple devices, security issues are not confined to vulnerable public networks. In fact, for small businesses, it is imperative that online security is prioritized to protect personal and customer data.
When you consider how much you and your business use websites, social media accounts and financial information, it comes as no surprise that your customers and other business data is at risk of falling victim to internet thieves. There are a number of ways you can protect your data – the most important first step is to identify the potential risks and ways in which to mitigate them. Here are some of the essential criteria you need to know:
The more devices operated by you, your employees and colleagues, the more vulnerable your system is to unauthorized intrusion. Bash enabled on a laptop, other device or server is susceptible to attack and harm known as Shellshock, sometimes called Bash bug. The majority of systems have some degree of vulnerability, as Bash can be found in Unix and Linux, some Mac OS X systems, and Windows server deployments, as well as Android. As Bash enables the injection of arbitrary commands without authentication via remote code, it’s possible for a third party to execute such malicious code and, for example, take over your computer operating system, gain unauthorized access to your confidential data, or prepare the ground for future attacks.
Start by downloading free scanning software from a reputable site that provides licensed software and scanning tools to scan your computer servers for Shellshock. Linux systems will benefit by using BashLite Malware Scanner, for example, to determine if there is any resident malware, while the Shellshock Vulnerability Scanner will check your website to see if Bash bug or Shellshock could be a problem. There is also a Trend Micro Security download for Mac OS X, which is available free on a trial basis.
If a scan detects a problem on your computer servers, you can protect them using a cloud-based service that was designed and built for Amazon Web Services (AWS). Deep Security as a service provides you with intrusion detection and prevention, firewall and anti-malware services and integrity monitoring, protecting the reputation of your websites. You need to protect applications, data and operating systems using AWS, while the service delivers secure processes and facilities.
You can also obtain InterScan Web Security as a service, and test and evaluate this free for a 30-day period. This can help you block access to websites that are known to be vulnerable on all the devices your business uses.
AWS brings with it a number of advantages as companies begin to shift to cloud-based activities rather than hardware and software combinations. In order to prevent data breaches and disruption to your business, AWS will detect and then remove malware with minimum impact on how your systems are performing. Some malware actually recognizes and attacks security provisions. However, with AWS such programs are blocked from uninstalling your security systems. Communication with your cloud servers can be strictly targeted to limit exposure to attack and shield servers from vulnerabilities.
As well as investing in programs and services that can help your business, it pays to follow some of the golden rules of internet security: keep your devices clean and up to date by checking them regularly; secure and encrypt your Wi-Fi networks and make sure everyone in your organization knows the basic safety and security procedures – and practices them; regularly back up all key data and store safely; control physical access to devices and use individual designated user accounts. If your business is processing payments, be exceptionally vigilant and work with financial institutions to maximize payment protection. If you make sure passwords and access is strictly on a “need to know” basis, and that no single employee has access to absolutely everything in the system, you will strengthen your security provision. Finally, make sure your passwords and those of your staff are extra-strong and change them regularly – about every three to six months. When it comes to digital protection for business owners, you can’t be too careful.
