In our last article we discussed the types of web based security threats and how they might affect your business. Whilst the consequences of a web based attack can be severe there is fortunately a lot you can do to minimise the risk.
Most web based security attacks come as a result of the actions of a PC user – after all web browsing is a user driven activity. Ensuring your staff are aware of the threats and their consequences will go a long way to reducing the exposure of your business. Creating an IT acceptable usage policy containing these guidelines is highly recommended although as a first step you might wish to direct your staff to our previous newsletter article which gives an overview of the threats.
Software upgrades & updates
Older software is less secure – this is a fact. Older software versions will have less support from vendors and will be inherently less secure. It is therefore sensible to include regular version upgrades in your IT budget to ensure you are using up to date software. Where possible, purchase software with version assurance to keep the cost of doing so to a minimum.
Even current software versions require updates to ensure security flaws are closed as they are discovered. Your PCs will usually have an option to install software updates automatically but better still sign up to a fully managed software update and patching service to have ultimate peace of mind.
Web antivirus and antispyware
In much the same way you have antivirus on your PC to scan your files and folders, web antivirus and antispyware will scan web traffic for the same threats. There are three ways of achieving this with different levels of effectiveness:
Using PC based software
This is the least costly way to secure web browsing and is better than doing nothing. However for this software to work, any malicious software will already have reached your PC thus reducing its effectiveness. In addition the antivirus software will only be as relevant as the last update it downloaded.
Gateway security appliance
A security appliance will scan web traffic at your internet gateway before it has the chance to reach your network. As a result it has a much greater chance of eliminating threats to your PCs and servers than installed antivirus software. It also has less of an impact on the performance of your PC.
Cloud based security
Works in a similar way to a security appliance in that it scans traffic before it reaches your PC. Cloud based technologies run on the servers of security vendors and will likely have the latest updates before they reach your on premise systems. They have the added advantage that they can provide more effective coverage for remote workers.
Web content filtering
Web content filtering allows you to restrict browsing activity of your staff only to sites that are deemed necessary to your business. From a security perspective you may choose to block only highly undesirable sites. However you may choose to restrict other sites such as social networking which may also have an impact on business productivity. Either way this will significantly reduce the likelihood of your business being compromised by a web based security threat.
To learn more please contact our experts on 0845 507 0846.