3Pointer: 10 IT Security Best Practices for Small Businesses
Small business’ best defense?
Every 1.04 seconds, a new IT threat is identified. So, in the time it takes you to brush your teeth in the morning (given you still sing the Happy Birthday song twice like your mother taught you), another 40 threats to computer systems worldwide bear their wicked fangs. In a day, the number jumps to 90,000. More insight from Trend Micro research: computer risks are mobile - the number of risky applications on Android jumped from 30,000 to 175,000 between June and September of 2012.
Scout motto: Be prepared. Here’s how...
1. Transform your firewall into a fortress.
Firewalls become invincible when they are fully understood and protected. For example, many people assume Microsoft Windows is equipped with built-in defense applications. Truth is, you should make sure that your PC is getting the latest updates and patches from Microsoft to ensure protection. Additionally, a managed antivirus solution on your PC also goes a long way to protecting against outside threats.
2. Track anti-virus subscription expiration dates.
Oftentimes, anti-virus subscriptions get lost in the shuffle. Maintain an electronic and paper record of expiration dates, ensuring you won’t get caught unawares.
3. Enforce a strong password policy.
While “123456” is easy to remember (it was the most used password in 2012!), it fails the strong password meter test. A good policy is to use eight characters or more with three out of the following four attributes: uppercase letters, lowercase letters, numbers and symbols.
4. Download current anti-virus and Microsoft Windows updates.
No application is perfect. Take advantage of developers’ ongoing pursuit of excellence.
5. Fend off zero-day attacks. Zero-day attacks are very common.
Essentially, malware/virus developers share information when they determine a software vulnerability hasn’t been patched by a developer. 3Points recommends a web filtering device to eliminate spyware/malware.
6. Scan emails for threats.
3Points takes a two-pronged approach to email scanning. First, a local antivirus performs inbound scans of email for threats. The second is our Pure Anti-Spam solution that scans both inbound and outbound email. Outbound filtering blocks messages from the hosted spam provider and avoids blockage of your public IP address, critical measures if a PC on your network is infected with a “bot-net” and is auto-spamming out email without your knowledge (we’ve seen this happen to several clients that are not using our Pure Anti-Spam service).
7. Be ready for the most common, most invasive of threats: spear phishing.
Spear phishing is the leading method of corporate and government cyber threats; they account for 91 percent of advanced targeted attacks.
You may be familiar with “phishing,” the method of acquiring certain information from people (username/password/credit card/etc.) by attempting to come across as a legitimate website. In contrast, spear phishing takes this one step further by gathering personal information, then targeting that user to make the site seem more legitimate and increase their success rate.
8. Reduce risk with quarterly security audits.
Security audits highlight and patch potential vulnerabilities.
9. Bravely enforce a security policy.
It’s great to adopt measures that keep your network protected, but pointless if you don’t actually implement a true security policy. It’s kind of like having ten locks on the door, but none of them are locked.
10. Know the truth about cloud security.
Cloud providers offer a variety of security features. Hold them to their promises: PCI compliant in the retail space, HIPAA for the medical space, and SOX compliance for many businesses. Also, request backup routines, locations of data centers, and geo-redundancy coverage.
Product Focus: 3Points Reviews Microsoft Surface Pro
By Mike Magnesen - 3Points R&D
Microsoft Surface Pro is a great business tool—it looks like a tablet and works darn hard like a laptop. And... I still get Angry Birds.
But, let’s start at the beginning, shall we? February 9th marked Microsoft’s first real attempt at selling hardware. They must have done something right because it took mere minutes for them to sell out of the Microsoft Surface Pro at the Oak Brook Microsoft store. Lucky for me, I sauntered in at around 10:30 a.m. with an AMP Energy drink in my hand and picked up my order previously placed via in-store reservation. Otherwise, you wouldn’t be reading this review right now and I wouldn’t have had half as much fun sitting in the 3Points conference room comparing iPad to Surface like a kid who just tore open the latest Call of Duty game.
Why Windows 8? I get this question a lot. People say, they took away my Start menu... why change a good thing? My answer: Windows 8 was built for tablets, ultrabooks and any touch-screen interface. You don’t need a start menu anymore, just touch and go. And while it’s true that the Windows Store (a teenager) is not the App Store (a mature adult), Microsoft has made great strides since its release. More and more developers are creating free and paid apps that take advantage of the touch-screen and tile interface.
Get to the Point, Mike... okay, so here’s what I like about the Microsoft Surface Pro, particularly for small businesses (bypass the Surface RT version. As a true iPad competitor, it doesn’t have a full-blown Windows operating system and there aren’t a lot of apps.)
With the Microsoft Surface Pro, you have...
1. The same functionality as a full-blown laptop (thank you, Intel Dual-Core Processor) in a sleek, tablet design.
2. The ability to install essentially any Windows-compatible application (so you are not restricted by what's in the App Store.)
3. Ability to install the full MS Office suite, something the iPad has been lacking since its inception.
4. Ability to connect to the office via VPN (Cisco ASA via Shrew/AnyConnect or Sonicwall via GlobalVPN/NetExtender).
5. Ability to edit shared files and save them back to the network.
6. Extra ports that will leave you wondering what you did without them. I hooked the Mini Display port to VGA connection up to our 60-inch HD TV in the 3Points conference room. The graphics looked fantastic! Two extra ports leave room for a dock so you can work with two monitors. No can do with the iPad. The magnetic adapter allowed me to charge my cell phone simultaneously with Surface.
7. Choice on your keyboard. Honestly, it’s the little things that count. I like the Surface’s raised keyboard for an extra $10 (especially if you are transitioning from a laptop experience), but the touch option works well too. Mostly, it’s great to have a choice. A stylus comes with the Surface. I use it for drawing and taking notes.
8. A sense of individuality. Not to get too sentimental here, but it is refreshing to see technology that creates a unique user experience. Rather than security passwords, Surface lets me use a picture and draw something on it to unlock. So, I can beam up my daughter, Braelyn, and draw circles around her bright blue eyes. Suddenly, technology becomes fun and personal. I like that.
And the downsides?
Space. The 64GB model really gives a user roughly 29GB of space (the operating system takes up the rest), which isn't much to work with in terms of installing applications and moving all your files onto the device. You can, of course, use the MicroSDXC slot to expand your storage. It sets you back about $65. I bought the 128GB model; most business people would.
Some testers believe the battery-life to be less than ideal on the Surface Pro. I've tested this and it puts up about the same performance as my Dell Latitude laptop, roughly four hours of work before it needs a charge. You can tweak other performance and power settings to optimize this, if need be. This hasn't been an issue for me so far and has proven to last for the work I've needed to do.
How much can you expect to pay walking out the door?
Roughly $1300 for the Surface Pro model at 128GB. The breakdown: $999 for Surface Pro (128GB model) + Type Cover ($129.99) or Touch Cover ($119.99) + Nixon Sleeve ($49.99) or Incipio Sleeve ($39.99) + Mini Display Port to VGA ($39.99) + Wedge Touch Mouse Surface Edition ($69.99) + 2-year Accidental Warranty (covers water and accidental damage to the device, $99) = ~$1307.97 before tax (price includes: Surface Pro (128GB) + Type Cover + Incipio Sleeve + Mini Display Port to VGA + 2-year Accidental Warranty).
Is the Surface Pro worth the roughly $1000 price-tag (128GB model)?
I believe it is. For the packed performance and form-factor design, you get exactly what you're looking for as a business user: an extremely portable, fully business functional device. At the end of the day, Surface Pro, or any other Windows 8 tablet or ultrabook out there, is going to be a good option. Windows 8 was built for a touch interface and proves to be very efficient once you take a little time to get acclimated. If you're thinking about making the move to Windows 8, strongly consider the Surface Pro or an ultrabook/tablet alternative to really get the best user experience.