Yes, viruses, worms, phishing and other horrible-sounding threats make for a dangerous world out there for your computer network. But there's comfort in the fact that 84 percent of network attacks are considered preventable with simple security measures.
Yet to be convinced that you need to take protective measures? Then consider the following:
- It takes 20 minutes for an unprotected computer to get infected after it's been hooked up to the internet.
- Forty percent of passwords can be cracked within one hour.
- In 2007, 127 million personal records were either lost or stolen.
Now that I've made you aware that something must be done, it's good to know that protecting your computers doesn't need to be expensive or complicated. In fact, just like in the physical world, it mostly requires some basic common sense. Below are the four critical tools for locking your computer network up tight.
Antivirus software. In my opinion, antivirus software should be mandatory, like car insurance--you can't get a computer without it. Yes, antivirus software has historically been a royal pain in the processor. It was costly, it updated itself all the time and it would slow your computer to a crawl. But I see antivirus protection as being like flossing: It sucks, but think what you may lose without it. Besides, there are some free (yes, free) antivirus programs that are top-notch, such as AVG (which also has a pay version). And the performance drags have drastically improved in the last year or two, especially with products like Symantec's Norton Internet Security . Get something on every system in your company and keep it up to date. It's basic hygiene.
Firewall. For both individual PCs and networks, firewalls are must-haves. These are simple programs that, based on a certain set of rules, examine the traffic coming in and out of your computer or network and block any unauthorized access. It's like having a lock and peephole on your front door. Many internet security software packages, such as Symantec's, have firewalls built in. Check Point Software Technologies , probably the most recognized brand in the firewall business, also markets a free version of its basic firewall software called ZoneAlarm .
Get a VPN. If you or your employees ever access the company servers remotely, you need a virtual private network (VPN). A VPN simply creates an encrypted tunnel between your PC and the network, so that anything you send between the two is protected. It sounds more complicated than it is. And there are free versions of this as well, including Alonweb and PacketiX VPN . Some of these free versions hit you with advertising, but that's nothing you can't handle.
Passwords, passwords, passwords. I'm not just talking about passwords to log on to the network or a website. Those are obvious. But did you know that your hard drive can (and should) be password-protected? Did you know that you can require your employees to enter a password before they download anything onto their system? And did you know that those passwords must all be different; change regularly; include letters, numbers and symbols; and in general be really difficult to guess? It's called password strength, and for more on how to make a weak password stronger, see this handy reference guide .
How well you protect your network will depend on how well your employees adhere to the guidelines. And sometimes just educating them on good, safe computing habits (like not clicking on links in e-mails from unknown sources or downloading anything from an untrusted site) is not enough. So a little security technology can go a long way toward helping you sleep at night. And most of it won't cost you a thing, which will also help you sleep.
Dan Briody is the author of two books and is the former Executive Editor of CIO Insight Magazine, a leading publication for information technology managers. He is also a frequent contributor on technology topics for Wired, Inc. and Business Week magazines.