Everyone knows security software is essential to keeping their information and systems safe. What is a bit less obvious is that if you don’t invest some time to make sure the software is properly configured, it’s not really different to not having security software at all.
Security is a process
It’s easy to think of security as a “set and forget” task, but in reality it is an on-going process where you need to be ready to constantly adapt to a changing environment. Fail to understand this, and your business will learn the same lesson the dinosaurs did. You must be able to adapt because the bad guys are adapting.
Every move we make in the security sphere, there is a countermove on the opposite side to try and get around the safeguards that have been created. There is a lot of genius on both sides, so don’t think it’s like the movies where the good guys always win. We all need to be vigilant.
If all you’ve done about security is to install anti-virus and a firewall (or, far worse, you’re simply relying on the built-in services that were installed with the operating system), you are not actively participating in the process.
Your firewall is the most important security asset you have
The firewall is like immigration control. It lets data in and out of the local network, but it tries to stop the bad data getting in or out. This is achieved by trying to figure out which data is supposed to be allowed through and which is not.
A problem with many common firewall applications for Windows is that they’re built to be trusting until instructed otherwise. In other words, the default configuration is often to let all traffic through, and only block what is specifically blocked.
This is the opposite of a secure firewall which is distrusting by default, blocking everything except what has been explicitly marked as allowed. Applications that normally would be given permission to send and receive data are things like email and VOIP applications.
It’s important to understand that the firewall doesn’t check the contents of the email to make sure there’s nothing bad in there. For that you’ll need other software, including anti-virus, spam filters, and so on.
Spam should be filtered in both directions
You should be checking the emails going out to make sure they’re not spammy, and you should train your staff to understand what makes a spammy email. You should also train staff not to respond to spam, and to not delete spam (spam should be collected and placed in a special evidence folder so it can be used for improving the spam filter).
Firewalls and anti-virus are not the only security software
These are used for protecting your computer against specific types of threats. There are more threats out there, and you need more tools to guard against them all. All of these tools need to be configured just as correctly as the anti-virus and firewall do.
Important: Do not simply go online and search for any of these kinds of software. You should only get this software from a trusted source such as Nerds-2-You. Many of the applications that can be downloaded online might end up infecting you with the very problems you’re trying to guard against.
Some of the things you’ll need include:
- Anti-ransomware – currently one of the most dangerous threats to a business, but not one that is insurmountable if you have followed the other security tips from Nerds-2-You, especially those rules about segregation of operating system, applications, and files. Ransomware is not a virus, so not all anti-virus programs scan for ransomware. This is usually detected by anti-malware software or dedicated anti-ransomware software.
- Anti-malware – malware is any software that behaves in undesirable ways and is not necessarily a virus. Not all anti-virus software checks for malware. There is specific anti-malware software available to scan for malware.
- Anti-rookit – rootkits are a special kind of software that infects the computer at the root level and load before the system has even booted. This activity makes rootkits especially difficult to remove. Dedicated anti-rootkit software searches for rootkits and removes them if they’re found and if they can be removed.
- Anti-spyware – spyware is a form of malware that spies on activities. Yes, it’s true that many legitimate applications, including Windows 10, do perform some kind of activity that could be defined as fitting the description of spyware. It’s a complicated issue. What you’re really trying to do is guard against the nasty stuff.
- Browser security extensions – why would anyone be using a naked browser in 2020? It makes no sense at all. It’s like walking onto a battlefield naked. Your browser should at the very least include extensions like:
- uMatrix to limit what executes on a web page to only what needs to execute
- Decentraleyes to show you what services on a webpage are attempting to share your information with others
- Cookiebro to keep your cookies limited to a whitelist
- Network security software – shows you who is connecting to your network or attempting to connect, helps you block specific types of attempted connections, and lets you configure private access systems such as VPN.
For advice and assistance with any of these technologies, contact Nerds-2-You.