If you are thinking about starting a business, information systems will probably factor into your plans at sometime. The business will require some sort of application software and the requisite information created from the application – whether the solution is simply an Excel spreadsheet or something more advanced and automated like QuickBooks Pro or an enterprise resource management system. Subjects like disaster recovery, data protection, cyber security, web filtering, etc., are subjects entrepreneurs should be thinking about. Securing your business is the next article in a series of articles that will introduce the new,and experienced, business owner to information technology intricacies that should be included in your business plans. Because security should be a layered approach this first issue will introduce the idea of Network Security.
Cyber security should be a layered approach like the physical security of your business. To secure your business for the evening, you lock yours doors and windows, turn on an alarm system, lock up your valuables or whatever is important to you in a safe or take the items off site with you. Cyber security is no different and maybe even a little more intimidating. At least physical security is somewhat of a tactile event, meaning you can touch and feel what you are trying to protect. With computer systems, attacks can appear intangible until the systems are penetrated and information is stolen. If your business is connected to the Internet, someone is trying to break into your network or, at the very least, scanning your network looking for vulnerabilities to exploit all of the time.
During research regarding next generation of cyber attacks, the analysis clarified the attackers are targeting applications and users more than network vulnerabilities. Further complicating matters, the attackers are preying on home networks and smaller businesses. Why? Most of the time, owners of the systems believe they are off the radar of malicious individuals when in fact smaller networks appear easier to penetrate and manipulate. From these launching points, the perpetrator can exploit larger institutions from the trusted smaller entity.
Applications Security Automation become the point of attack because the operation of the software relies on ports being open through the firewall or router. An example of a port would be http. In order for http to work, TCP port 80 must be allowed. So if Joe Hacker writes an exploit that works over TCP port 80, you cannot block the attack unless you do not want to use http or the appropriate changes are made to mitigate the exploit.
Users are exploited by tempting emails and malicious websites that entice users to click links that unleash exploits to infect the computer with worms, viruses, trojans, rootkits, or botware. Being infected by a rootkit usually means the owner of the computer system will be re-installing the operating system and applications in order to eradicate the infection. Rootkits are particularly painful because the exploits become part of the operating system. One rootkit went so far as to install an anti-virus tool to keep other competitors away from their property.
If the business is connected to the Internet, a router is the bare minimum you need for separation. Using a router as a security device, there should be an access control list to deny or allow what enters and exists your network – ideally, deny should be the default and allow is the exception. At best, the network should have a firewall and screening router for homes and businesses that have a cable modem or DSL connection. Unfortunately, configuring and maintaining firewalls is not for the faint of heart. Please keep in mind a firewall is just a computer with multiple network cards installed and highly specialized software. Firewalls are somewhat “geeky” and unfriendly to say the least.
Cisco Pix firewalls are good but there is really no such thing as a Graphical User Interface (GUI) to manage and setup the firewall. Check Point and Juniper for small businesses are not any friendlier because they have a GUI. And those devices can be “pricey”. You can also look at an open source solution for your firewall solution. Open source will be free for the software – which is what a firewall really is – sophisticated software. You will need to have the hardware already but you do not have to have the newest greatest hardware. I used an old desktop computer and added an extra network card to build a firewall.