So you're thinking about getting into the small business security scene. Maybe you've been managing small business servers or peer-to-peer networks without an Active Directory infrastructure. No matter what your background, there are some basic tasks you can carry out that will significantly improve the level of security you provide to your small business customers. Most of these basic tasks won't require years of classes or a steep learning curve. Remember that security is a process and that you'll always be looking for ways to increase security without making it difficult for people to get their jobs done.
Here's a short list of security measures you can take that will improve the security posture of your customers' networks:
- Install and update antimalware software on all the machines on the network. There are freeware AV applications you can use and Windows Defender is also free. Use them.
- Use Automatic Updates on all your Windows computers
- Enable the Windows Firewall on all your Windows XP machines, and the Windows Firewall with Advanced Security on all your Windows Vista machines
- Install spam filtering software on all your machines, or if you use a mail server on your network, install spam filtering software on the server. Outlook includes a built-in spam whacker if you use Outlook in cached mode with Exchange
- Restrict physical access to your computer equipment, especially to servers
- Set Share and NTFS permissions on files that are accessible over the network
- Disable or delete user accounts of users who are no longer with the company
- Create and distribute an Internet access policy
- Require the use of strong passwords. This can be forced on users if you have an Active Directory-based network
- Install an edge firewall that controls what sites users can access. Consider an application layer inspection firewall, such as an ISA Firewall, that can block dangerous content and sites
- Require VPN access for remote access users; consider SSL VPNs for a more secure configuration
- Use WPA2 on all wireless access points
- Create, document and put into practice a regular backup procedure for all critical data on the network
Just these few steps will go a long way toward securing your small business network. Many of these tasks will require little effort on your part. Some of them might require that you do some additional reading. If you have any questions on how to perform any of these tasks, let me know! Just write to me at the address in my sig line and I'll make my answer a blog post that you can read.
Thomas W Shinder, M.D.
MVP - Microsoft Firewalls (ISA)