Shrek © 2018 DreamWorks Animation LLC.
...it has layers...and can be terrifying.
Every week new hacks and data breaches make the news, and every day new services spring up offering to be the miracle drug to fix all security problems, but it just isn't that simple. The number of threats that SMBs are susceptible to grows daily, and that means that what worked yesterday might not work tomorrow. The only choice you have is to build in layers. If an attacker makes it through the first line of defense, the goal is for the second and third will slow them down enough to notice and remediate the issue.
Covering Your Assets
A monitored and managed method of deploying operating system and software updates as well as a centrally managed antivirus software should be considered non-negotiables. If you can't verify that patches are installing and virus scanners are up to date and running, then you are not protected.
In addition to standard host-based anti-virus scanners, tools like OpenDNS provide an additional layer of protection by proactively stopping people and malicious software from getting to dangerous websites on the internet which can help prevent getting infected to begin with.
Lock The Doors
You wouldn't leave your office doors unlocked, so you should not leave the digital entrances to your office unprotected either. A next-gen firewall, with the ability to not only block unnecessary traffic, but scan and detect malicious traffic that looks safe is a great start. Not only will a good firewall help actively protect your network, but with the appropriate management, the logs can be used to remediate on-going issues as well as prevent future issues.
Email is nearly mandatory for most businesses, so ensuring you have a good email security platform is important. This should include things like email encryption and outbound email filtering, as well as normal spam filtering.
If You See Something, Say Something
But the last, and probably most important piece is your team. Proper training of employees is crucial. Teaching employees safe email and computer usage practices, how to properly handle sensitive data, and how to recognize and report potential attacks are all key to securing your infrastructure.
Human behavior will always be one of the most exploited portions of network security, but it is also one of the best ways to protect information. Invest in training that helps your team be diligent and keep up to date on the latest threats.
Ask your IT department which layers you have in place. Don't have an IT department? No problem, you can ask mine.