Business owners often ask how to protect against viruses, spam and malware in their operations given the constant onslaught of new threats. Following are five steps to consider in your perimeter security strategy.
- Perform a security audit. Small businesses can largely prevent crippling security events by engaging a third-party to perform an objective security audit and vulnerability analysis.
- Evaluate gaps. Security is a trade-off of cost, ease-of-use and risk. Armed with a thorough security assessment, small businesses may consciously make decisions about which information is the most critical to secure, how much they are willing to spend and what precautions they will require end-users to take.
- Implement perimiter security. At a minimum, all small businesses should have up to date firewalls, anti-virus, anti-malware and anti-spam hardware, software and/or cloud implementations.
- Assess information-centric security and security policies. While perimeter security is a necessary condition, it is not sufficient. For some time, the security industry has moved to an information-centric approach in which the prioritization and security of information itself is central to guard against internal threats that perimeter security cannot address. Establishing security policies prevents users from surfing unsafe Web sites and risking loss of data due to malware or falling out of compliance with regulations.
- Consider outsourcing. Information security is vital and dynamic. If this is not something that you can handle sufficiently internally, consider this as part of your IT managed services strategy.
What is your perimeter security strategy?
Key Takeaways:
-
A security audit will give you the basis for evaluating which gaps are worth the cost to fill to reduce risk in your business
-
Perimiter security, while necessary, is insufficient - information-centric security and policies are required
-
Outsourcing is typically more economical and safer than trying to keep up with the ever changing threat landscape
