From the time businesses began relying on computers for day-to-day business, we’ve been told good, up-to-date anti-virus software will protect us against viruses and hack attempts. However, as anti-virus software has grown more powerful, hackers have become more creative to get around it.
A recent study by Trustwave cited 300 incidents in which servers had anti-virus software in use. In each incident, experts found that anti-virus had failed to protect systems from attack as intended. In fact, Trustwave isolated 88 types of malware that all evaded detection by standard anti-virus protection software.
According to Trustwave, in some instances, businesses weren’t even aware that a breach had occurred until notified by outside sources. Some breaches occurred several months before being brought to the business’s attention. Hackers know the latest viruses anti-virus software protects against and deliberately find ways to circumvent protections. By the time anti-virus manufacturers learn about the malware and update their definitions accordingly, much of the damage has already been done.
So what’s a small business to do? One of the biggest problems, experts say, is over-reliance on anti-virus software. Strong security measures need to be put in place from the day your business opens its doors, with company-wide password standards that prevent hacking, staff education and mobile device security, among many others. SmallBizTechnology’s Ramon Ray gives small businesses eight tips to protect data, including hiring a consultant to do a full security audit on your system’s security. A professional can detect leaks in your network infrastructure and advise you on what steps you can take to repair them.
In-house, you can conduct a simple first-glance audit to determine where leaks might occur. Many passwords are leaked through your users themselves, as many users leave passwords in plain sight or choose passwords that can be easily guessed. You should also limit access to all your servers and keep an audit trail of all the comings and goings. Monitoring that log regularly for signs of intrusion will help you catch problems early without relying on your anti-virus software to do all the work for you.
By employing this multi-layered approach to security, Trustwave says businesses will be prepared to face any hacker attacks that come down the pike. Today’s hackers are dangerous because they are no longer content to simply hack for the sake of proving they can. Like criminals of the past, today’s malware creators are interested in stealing money, identities, or disabling entire sites for attention.
The goal is to create a network infrastructure so complex that hackers take one look and move on to the next victim. By creating a multi-layered security solution, your business will appear to the hacker to be too complex to bother with. Since hackers are looking for the easiest way in, your locked-down security infrastructure will be similar to a bank with a security guard standing outside. The criminals will simply drive around the block, looking for an unprotected business.