Most attack code is written by professional cyber criminals, seeking either to take data from companies and onsell it for profit, or to connect machines together and form 'botnets' which can in turn be rented out to send spam mail, or used to distribute still more malware. Under these circumstances, a lack of prominence is crucial.
"People forget how dangerous the internet is today," says Mike Greene, vice president for product strategy at PC Tools. "There are a number of different ways for cyber criminals to exploit businesses."
Of course, this desire to remain invisible and the desire to make money rather than merely gain glory only adds to the challenge of fighting off such problems. While security suites have become more integrated–you're much more likely to install a single suite that protects against viruses and spyware, and a firewall to protect against unauthorised network intrusions, than to buy separate products for each function–they still take time and money to manage.
"Balancing securing IT systems with making them available, and doing that in a cost-effective way, is a big challenge," says John Donovan, managing director for Symantec. "A common thing we hear from smaller businesses is they simply don't have the time."
A useful solution in this context may be to use a managed security service. By outsourcing your ongoing IT security management to a third party for a fixed monthly sum, you can hand off what is becoming an increasingly complex problem to someone with a higher degree of expertise.
That's certainly a better approach than the ostrich-like pretence that nothing will go wrong. SMEs often assume that they are less likely to be the victims of a co-ordinated attack than a larger multinational firm, but such an assumption is largely unwarranted, experts warn. "If you don't have a sensible protection strategy, getting attacked is only a matter of time," says Paul Ducklin, Asia-Pacific head of technology for Sophos.
"There's no reason you can't have an attack against smaller companies," says Greene. "It's not that hard to figure out a way to exploit that relationship. People need to realise it's a moneymaking business, and nobody's immune. Criminals go for the weak link in the armour."
In larger businesses, it makes sense to have both network-level protection (examining incoming data before it hits individual machines) and a separate desktop-level system. "The desktop is really the last line of defence," Greene says. Protection shouldn't be limited to machines in your own premises either. Ducklin points out that company web servers are now often hacked to provide links to sites that download malware. Those links are invisible to the naked eye, and the malicious software itself resides somewhere else, but the potential for reputational damage is serious. Running an on-access scanner on your web server (or more likely ensuring your provider does so), which checks pages as they load for possible illicit content, can help obviate such threats.
Online threats evolve rapidly, so even with a good protection strategy you might still fall victim to an attack which results in lost information or compromised data. The most critical element in recovering from such a setback is having good backups of your existing systems, and the knowledge of how to restore them quickly–something many businesses struggle with.
"Australian SMEs fall down in their ability to actually have backup and recovery processes in place to recover from some sort of attack," Donovan says. Surveys suggest that many businesses run backups less than once a day, making them particularly vulnerable. "Whether it's a cyber-style attack or a physical attack, the ability to recover is somewhat compromised without backups. Also, in a lot of cases, they're not modifying their policies as they grow."
Bookmark article at:These icons link to social bookmarking sites where readers can share and discover new web pages. powered by moSociable 1.0.1 by www.waltercedric.com
