Personal Small Business Enterprise

Your Top Security Weapons Against Web-Based Threats

A past boss once gave me some great advice: “It’s okay to come to me with a problem,” he said. “But you have to bring me at least one possible solution, too.” In the same spirit, today’s blog isn’t another list of the worst IT threats out there. Instead, it’s a list of solutions that you can use for active prevention against web-based threats.

Why the focus on web-based threats? It’s simple: whether it’s email, eCommerce, Web advertising, social media marketing or online recruiting, you can’t run your business if your network isn’t secure and running smoothly. Here are some tools to protect it:

Use a firewall to restrict outside access to your company network and test it regularly. You can also set your firewall to restrict staff from using certain websites or applications that may pose security risks.

Secure VPN
A virtual private network (VPN) is a secure connection between two or more points (like, say, two branch offices of your company) that encrypts data moving between them over the Internet.

Secure Wi-Fi
Require passwords to access your office Wi-Fi network. Use the newer and more secure Wi-Fi Protected Access encryption protocol instead of the old Wired Equivalent Privacy version. Change the settings so your network doesn’t appear in public listings of local wireless networks available to web surfers.

Strong passwords
Use two-factor authentication or set your network login to require strong password combinations (i.e., both letters and numbers, upper and lowercase, etc.) and password changes every few weeks or months.

Scans, updates and patches
Outdated software is less secure than newer versions, so upgrade and update. Set your programs to check for security patches and updates regularly; install them immediately. Make sure your antivirus protection automatically scans all emails, downloads and attachments, as well as USB keys and other peripherals that connect to your network computers. Check that your antivirus program protects against malware, spyware and other threats and also check if it’s up to date.

Encrypt your data so it can’t be deciphered even if it falls into the wrong hands. Encryption is now a standard feature available with most popular operating systems. Additionally, make sure your eCommerce platform meets the Payment Card Industry Data Security Standard for encryption.

MDM security
A mobile device management (MDM) solution helps you secure the bring-your-own-device (BYOD) situation at your company. You can remotely locate, monitor, lock and wipe lost or stolen mobile devices and control mobile access to your company network.

Invest in a good system to backup your data either on-site or in the cloud.

Your best IT security tool is knowledge. Educate your staff about ways to avoid Internet threats like phishing scams, fake apps containing malware or the danger of doing company business over unsecured public Wi-Fi. Enforce a company BYOD policy.

The bottom line
Even if your staff members take every precaution possible when they go online – by not downloading or installing third-party software or apps, avoiding questionable websites, and regularly running virus and malware scans – the threat environment remains tough to navigate.

Fortunately, there are many solutions out there today – including Bell Total Protection – that offer end-to-end security through one solution (you can view a web-based demo of Bell Total Protection here). So although the threats will always be around, there are many innovative, affordable solutions to protect your IT security weak spots without breaking your IT security budget.

Has your business been impacted by web-based threats? Let us know in the comments section below; we’d love to hear from you.

Let us know what you think

One response to “Your Top Security Weapons Against Web-Based Threats”

  1. Pallav Kaushish says:

    The suggestions you made are good however when it comes to encryption the scenario is a lot deeper than you suggested. Encryption by itself doesn’t mean anything unless the control and security of the encryption keys are defined.

    If any vendor is securing your data by encrypting it and then storing the encryption keys on the server, it’s not safe. It’s like locking the door and keeping the key under the doormat. In case the server of the vendor gets hacked the encryption keys will be compromised as well and the meaning of encryption will be lost.

    The major question that comes here is how the vendor manages the encryption keys and that will decide how securely the encryption scheme has been implemented.

    This is one of the problems that we at SmartSignin are solving by allowing users to manage their own private key for decrypting their data which maintains utmost security and privacy for the user.

    -Pallav From SmartSignin

Leave a Reply

Your email address will not be published. Required fields are marked *