Businesses run on data. Orders, invoices, receipts, emails, audits, shipping, accounting, maximizing, minimizing… ad infinitum.
Cyber criminals are driven mostly by money. Whether hunting for banking credentials, trade secrets, or a PC to encrypt and hold for ransom, there should be little doubt that cyber threats are a central concern to the majority of small businesses.
And yet so many SMBs still rely on one thing and one thing only for protection.
The Lone Ranger of Cyber Defense
Antivirus is the first and only layer of protection against malware on most servers and workstations. But even under the best of circumstances, the most successful antivirus program is only about 90% effective.
Yes- all businesses need a strong antivirus solution; but a comprehensive IT security strategy includes multiple layers of protection that work together to maximize threat detection and minimize threat exposure.
Here are five other critical elements that every security solution should address.
1. Comprehensive Update Strategy
Malicious software can be designed to take advantage of known flaws in operating systems or installed programs. According to a 2015 report, these “drive-by” infections accounted for over 15% of all internet-based threats.
Ironically, in most cases they only succeeded because the owner failed to install an update released months (or years) ago.
A robust update strategy includes regularly checking for not only operating system patches, but also security fixes for programs like Microsoft Office, Adobe Flash and Oracle Java.
These checks may be handled manually, but centralized management software like Sentry Business really helps!
2. Robust Email Filters
Emails are the most serious threats when it comes to online exposure.
Email attachments accounted for just under 40% of total threats in the aforementioned report. Harbingers of Trojan horses, these attachments disguise malware in a misleading executable file or document.
Emails containing malicious links accounted for another 37% of online threats, giving email a starring role in 77% of online threats. A robust email security strategy provides an effective layer of defense against spam and email-borne malware threats.
3. Standard User Accounts
No security solution is perfect. Over time, someone will get duped into running malware that gets through your antivirus layer. If that someone is running an administrative user account, said malware may be able to take control of the account and create a whirlwind of havoc on critical system functions.
The simplest tasks are often the most underrated, and changing an account type is about as easy as it gets. Reserve the use of administrative accounts for when changes really need to be made.
4. Web Protection
“Drive-by” infections and malicious links in emails both target Internet browsers, and account for 54% of online data breaches. Web protection is an intelligent, proactive layer of security between the browser and system designed to block user access to malicious sites before they load.
When a user clicks on a link, the software compares it’s address to a database of malicious websites. Blocking the site prevents any code- malicious or otherwise- from ever loading.
5. Event Monitoring
Keeping an eye on the overall health of a network depends on implementing a data-driven system of automated checks and scans. These checks can be set to trigger alerts or events when a certain value or threshold is reached, allowing technicians to quickly and proactively respond to possible issues.
Without this system in place, managing a network of any size would become a daunting task.