Categories
Tags
- apple
- bing
- blog
- business network security
- direct messaging
- malware
- microsoft
- mobile devices
- National Cyber Security Awareness Month
- p2p sharing
- pagerank bomb
- password security
- phishing
- podcast
- productivity
- remote desktop
- rogue av
- schools
- search engines
- skype
- small business
- social networking sites
- sun
- tests
- threatstatus
- web safety
- web security
- website blocking
- yahoo
Top 10 Security Mistakes SMBs Make
By Lee Graves on Dec 2nd, 2011
Categories: network security, web security
Tags: business network security, web security, small business
A recent survey revealed half of small and medium-sized businesses (SMBs) don't think they are a target for cyberattacks. The fact is attacks on SMBs are increasing, not only in volume but in complexity and sophistication. It’s important for SMBs to get away from the mindset that they can’t or won’t be attacked.
Dark Reading’s Ericka Chickowski recently posted the Top 10 Security Mistakes SMBs Make. The article highlights the increasing attacks that SMBs are facing while pointing out the top 10 areas where SMB security can and should improve.
Top 10 SMB Security Mistakes for 2011:
- Thinking They're Too Small
- Leaving Websites Open To SQL Injection
- Failing To Patch Or Securely Configure Systems
- Letting Software Licenses Lapse
- Weak Passwords
- Letting Employees Browse The Web Unchecked
- Using Insecure Email
- Ignoring Mobile Security
- Failing To Train Employees
- Assuming They Can Outsource Security Responsibility
eSoft network security solutions can help with most of the items on this year’s list. Let’s emphasize a couple items we see more commonly and the best ways that SMBs can address these.
Letting Employees Browse The Web Unchecked – Even if your organization isn’t concerned about productivity issues related to unfiltered web access, web security is a huge issue that can be addressed with web filtering. Phishing websites, drive-by downloads, rogue anti-virus infections, malvertisements - 85% of internet threats are now web based. SMBs need secure web filtering policies to block these web attacks and secure sensitive corporate information.
§ According to Symantec's SMB Threat Awareness Poll, 67 percent of organizations don't use web-based security services – are you one of them?
Using Insecure Email – Tablets, smart phones, netbooks and laptops continue to grow in popularity as well as the BYOD (bring your own device) subculture associated with these devices. However, most users don’t understand how to configure secure access to email, often configuring these devices to send and receive email in plain-text. It’s important for SMBs to create a security policy that requires encrypted email sessions, so users are not open to eaves-dropping and can protect important information sent over email. This is often compounded by allowing and using weak passwords.
As we approach year end, take a look through the top 10 above and evaluate how well your organization is meeting the challenge. Find your strengths and weaknesses and adjust your network security strategy as needed. Contact eSoft anytime for advice or any concerns you might have.
