SECURITY THREATS: A GUIDE FOR SMALL
AND MEDIUM ENTERPRISES

Security threats are becoming increasingly sophisticated and harder
to detect. Many small and medium-sized enterprises are still
convinced that a firewall, antivirus and anti-spam software are
enough to protect their networks. With cyber-crime on the increase,
it is imperative that organizations are aware of the security threats
that they face on a daily basis. The goal of this guide is to raise
awareness in organizations of the importance of security and how
they can deal with the threats.
Security threats:
                   A guide for SMEs




What does an SME need?
A successful business works on the basis of revenue growth and loss prevention. Small and medium-sized
enterprises (SMEs) are particularly hit hard when either one or both of these business requirements
suffer. Data leakage, down-time and reputation loss can easily turn away new and existing customers if
such situations are not handled appropriately and quickly. This may, in turn, impact on the company’s
bottom line and ultimately profit margins. A computer virus outbreak or a network breach can cost a
business thousands of dollars. In some cases, it may even lead to legal liability and lawsuits.

The truth is that many organizations would like to have a secure IT environment but very often this need
comes into conflict with other priorities. Firms often find the task of keeping the business functions
aligned with the security process highly challenging. When economic circumstances look dire, it is easy
to turn security into a checklist item that keeps being pushed back. However, the reality is that, in such
situations, security should be a primary issue. The likelihood of threats affecting your business will
probably increase and the impact can be more detrimental if it tarnishes your reputation.

This paper aims to help SMEs focus on threats that are likely to have an impact on, and affect, the
organization. These threats specifically target SMEs rather than enterprise companies or home users.




GFI Software | www.gfi.com                                                                              2
Figure 1. Security threat map

Security threats that affect SMEs
Malicious Internet Content
Most modern small or medium-sized enterprises need an Internet connection to operate. If you remove
this means of communication, many areas of the organization will not be able to function properly or else
they may be forced to revert to old, inefficient systems. Just think how important email has become and
that for many organizations this is the primary means of communication. Even phone communications
are changing shape with Voice over IP becoming a standard in many organizations.




At some point, most organizations have been the victim of a computer virus attack. While many may
have antivirus protection, it is not unusual for an organization of more than 10 employees to use email or
the internet without any form of protection. Even large organizations are not spared. Recently, three
hospitals in London had to shut down their entire network due to an infection of a version of a worm
called Mytob. Most of the time, we do not hear of small or medium-sized enterprises becoming victims of
such infections because it is not in their interest to publicize these incidents. Many small or medium-sized
enterprises cannot afford to employ prevention mechanisms such as network segregation. These factors
simply make it easier for a worm to spread throughout an organization.

Malware is a term that includes computer viruses, worms, trojans and any other kinds of malicious
software. Employees and end-users within an organization may unknowingly introduce malware on the
network when they run malicious executable code (EXE files). Sometimes they might receive an email
with an attached worm or download spyware when visiting a malicious website. Alternatively, to get
work done, employees may decide to install pirated software for which they do not have a license. This
software tends to have more code than advertised and is a common method used by malware writers to
infect the end-users’ computers. An organization that operates efficiently usually has established ways to
share files and content across the organization. These methods can also be abused by worms to further
infect computer systems on the network.

Computer malware does not have to be introduced manually or consciously. Basic software packages
installed on desktop computers such as Internet Explorer, Firefox, Adobe Acrobat Reader or Flash have
their fair share of security vulnerabilities. These security weaknesses are actively exploited by malware
writers to automatically infect victims’ computers. Such attacks are known as drive-by downloads
because the user does not have knowledge of malicious files being downloaded onto his or her
computer. In 2007, Google issued an alert [1] describing 450,000 web pages that can install malware
without the user’s consent.

Then you get social engineering attacks. This term refers to a set of techniques whereby attackers make
the most of weaknesses in human nature rather than flaws within the technology. A phishing attack is a
type of social engineering attack that is normally opportunistic and targets a subset of society. A phishing
email message will typically look very familiar to the end-users – it will make use of genuine logos and
other visuals (from a well-known bank, for example) and will, for all intents and purposes, appear to be
the genuine thing. When the end-user follows the instructions in the email, he or she is directed to reveal
sensitive or private information such as passwords, pin codes and credit card numbers.

Employees and desktop computers are not the only target in an organization. Most small or medium-sized
companies need to make use of servers for email, customer relationship management and file
sharing. These servers tend to hold critical information that can easily become a target of an attack.
Additionally, the move towards web applications has introduced a large number of new security
vulnerabilities that are actively exploited by attackers to gain access to these web applications. If these
services are compromised there is a high risk that sensitive information can be leaked and used by
cyber-criminals to commit fraud.



[1] http://news.bbc.co.uk/2/hi/technology/6645895.stm



Attacks on physical systems
Internet-borne attacks are not the only security issue that organizations face. Laptops and mobiles are
entrusted with the most sensitive of information about the organization. These devices, whether they are
company property or personally owned, often contain company documents and are used to log on to the
company network. More often than not, these mobile devices are also used during conferences and
travel, thus running the risk of physical theft. The number of laptops and mobile devices stolen per year is
ever on the increase. Attrition.org had over 400 articles in 2008 [2] related to high profile data loss, many of
which involved stolen laptops and missing disks. If it happens to major hospitals and governments that
have established rules on handling such situations, why should it not happen to smaller enterprises?

Another threat affecting physical security is that of unprotected endpoints. USB ports and DVD drives can
both be used to leak data and introduce malware on the network. A USB stick that is mainly used for work
and may contain sensitive documents, becomes a security risk if it is taken home and left lying around
and other members of the family use it on their home PC. While the employee may understand the
sensitive nature of the information stored on the USB stick, the rest of the family will probably not. They
may copy files back and forth without considering the implications. This is typically a case of negligence
but it can also be the work of a targeted attack, where internal employees can take large amounts of
information out of the company.

Small and medium-sized enterprises may overlook the importance of securing the physical network and
server room to prevent unauthorized persons from gaining access. Open network points and
unprotected server rooms can allow disgruntled employees and visitors to connect to the network and
launch attacks such as ARP spoofing to capture network traffic with no encryption and steal passwords
and content.

Authentication and privilege attacks
Passwords remain the number one vulnerability in many systems. It is not an easy task to have a secure
system whereby people are required to choose a unique password that others cannot guess but is still
easy for them to remember. Nowadays most people have at least five other passwords to remember, and
the password used for company business should not be the same one used for webmail accounts, site
memberships and so on. High profile intrusions such as the one on Twitter [3] (the password was
happiness), clearly show that passwords are often the most common and universal security weakness,
and attacks exploiting this weakness do not require a lot of technical knowledge.

Password policies can go a long way to mitigate the risk, but if the password policy is too strict people
will find ways and means to get around it. They will write the password on sticky notes, share them with
their colleagues or simply find a keyboard pattern (1q2w3e4r5t) that is easy to remember but also easy to
guess. Most complex password policies can be easily rendered useless by non-technological means.
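
The keyboard-pattern problem described above, as an added example that is not part of the original guide: a password audit that flags keyboard walks such as 1q2w3e4r5t and known-weak words such as happiness even when they satisfy a length-and-character rule. The complexity rule, the short weak-password list, the US QWERTY layout and the 0.8 threshold are assumptions made for illustration.

```python
import re

# Assumption: US QWERTY layout; the physical stagger between rows is ignored.
ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]
KEY_POS = {ch: (r, c) for r, row in enumerate(ROWS) for c, ch in enumerate(row)}

# Constructed sample; a real audit would load a large list of known-weak passwords.
COMMON_PASSWORDS = {"happiness", "password", "welcome", "letmein"}

# Hypothetical cut-off: share of neighbouring-key steps that marks a keyboard walk.
WALK_THRESHOLD = 0.8


def meets_complexity(password, min_len=8):
    """Hypothetical policy: minimum length plus at least one letter and one digit."""
    return (
        len(password) >= min_len
        and re.search(r"[A-Za-z]", password) is not None
        and re.search(r"[0-9]", password) is not None
    )


def _adjacent(a, b):
    """True when two characters sit on the same or a neighbouring key."""
    if a not in KEY_POS or b not in KEY_POS:
        return False
    (r1, c1), (r2, c2) = KEY_POS[a], KEY_POS[b]
    return abs(r1 - r2) <= 1 and abs(c1 - c2) <= 1


def keyboard_walk_ratio(password):
    """Fraction of consecutive character pairs typed on neighbouring keys."""
    pw = password.lower()
    if len(pw) < 2:
        return 0.0
    hits = sum(_adjacent(a, b) for a, b in zip(pw, pw[1:]))
    return hits / (len(pw) - 1)


def audit_password(password):
    """Return the list of weaknesses found; an empty list means none were found."""
    findings = []
    if not meets_complexity(password):
        findings.append("fails complexity policy")
    if keyboard_walk_ratio(password) >= WALK_THRESHOLD:
        findings.append("keyboard walk")
    # Strip digits and symbols so that 'Happiness2009' still matches 'happiness'.
    letters_only = re.sub(r"[^a-z]", "", password.lower())
    if letters_only in COMMON_PASSWORDS:
        findings.append("common password")
    return findings


if __name__ == "__main__":
    for candidate in ["1q2w3e4r5t", "happiness", "Happiness2009", "correct7horse!battery"]:
        print(candidate, meets_complexity(candidate), audit_password(candidate))
```

Such a check belongs where passwords are set or changed, so that the plain-text candidate is examined once and never stored.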




[2] http://www.attrition.org/dataloss/
[3] http://tinyurl.com/bysvuf



In small and medium-sized enterprises, systems administrators are often found to be doing the work of
the network operators and project managers as well as the security analysts. Therefore a disgruntled
systems administrator will be a major security problem due to the amount of responsibility (and access
rights) that he or she holds. With full access privileges, a systems administrator may plant a logic bomb,
create backdoor accounts or leak sensitive company information that may greatly affect the stability and
reputation of the organization. Additionally, in many cases the systems administrator is the person who
sets the passwords for important services or servers. When he or she leaves the organization, these
passwords may not be changed (especially if not documented) thus leaving a backdoor for the
ex-employee. A startup company called JournalSpace [4] was caught with no backups when their former
system administrator decided to wipe out the main database. This proved to be disastrous for the
company which ended up asking users to retrieve their content from Google’s cache.

The company’s management team may also have administrative privileges on their personal computers
or laptops. The reasons vary but they may want to be able to install new software or simply to have more
control of their machines. The problem with this scenario is that one compromised machine is all that an
attacker needs to target an organization. The firm itself does not need to be specifically picked out but
may simply become a victim of an attack aimed at a particular vulnerable software package.

Even when user accounts on the network are supposed to have reduced privileges, there may be times
where privilege creep occurs. For example, a manager that hands over an old project to another manager
may retain the old privileges for years even after the handover! When his or her account is compromised,
the intruder also gains access to the old project.

Employees with mobile devices and laptop computers can pose a significant risk when they make use of
unsecured wireless networks whilst attending a conference or during their stay at a hotel. In many cases,
inadequate or no encryption is used and anyone ‘in between’ can view and modify the network traffic.
This can be the start of an intrusion leading to compromised company accounts and networks.

Denial of Service
In an attempt to minimize costs, or simply through negligence, most small and some medium-sized
enterprises have various single points of failure. Denial of service is an attack that prevents legitimate
users from making use of a service and it can be very hard to prevent. The means to carry out a DoS
attack and the motives may vary, but it typically leads to downtime and legitimate customers losing
confidence in the organization - and it is not necessarily due to an Internet-borne incident.

In 2008, many organizations in the Mediterranean Sea basin and in the Middle East suffered Internet
downtime due to damage to the underwater Internet cables. Some of these organizations relied on a
single Internet connection, and their business was driven by Internet communications. Having such a
single point of failure proved to be very damaging for these organizations in terms of lost productivity
and lost business. Reliability is a major concern for most businesses and their inability to address even
one single point of failure can be costly.




[4] http://tinyurl.com/6ulyqs



If an organization is not prepared for a security incident, it will probably not handle the situation
appropriately. One question that needs to be asked is: if a virus outbreak does occur, who should handle
the various steps that need to be taken to get the systems back in shape? If an organization is simply
relying on the systems administrator to handle such incidents, then that organization is not
acknowledging that such a situation is not simply technical in nature. It is important to be able to identify
the entry point, to approach the persons concerned and to have policies in place to prevent future
occurrences – apart from simply removing the virus from the network! If all these tasks are left to a
systems administrator, who might have to do everything ad hoc, then that is a formula for lengthy
downtime.

Addressing security threats
An antivirus is not optional
The volume of malware that can hit organizations today is enormous and the attack vectors are multiple.
Viruses may spread through email, websites, USB sticks, and instant messenger programs to name but a
few. If an organization does not have an antivirus installed, the safety of the desktop computers will be at
the mercy of the end-user and relying on the end-user is not advisable or worth the risk.

Protecting desktop workstations is only one recommended practice. Once virus code is present on a
desktop computer, it becomes a race between the virus and the antivirus. Most malware has functionality
to disable your antivirus software, firewalls and so on. Therefore you do not want the virus to get to your
desktop computer in the first place!

The solution is to deploy content filtering at the gateway. Antivirus can be part of the content filtering
strategy which can be installed at the email and web gateway. Email accounts are frequently spammed
with malicious email attachments. These files often appear to come from legitimate contacts thus fooling
the end-user into running the malware code. Leaving the decision to the user whether or not to trust an
attachment received by email is never a good idea. By blocking malware at the email gateway, you are
greatly reducing the risk that end-users may make a mistake and open an infected file. Similarly, scanning
all incoming web (HTTP) traffic for malicious code addresses a major infection vector and is a requirement
when running a secure network environment.

Security Awareness
A large percentage of successful attacks do not necessarily exploit technical vulnerabilities. Instead
they rely on social engineering and people’s willingness to trust others. There are two extremes: either
employees in an organization totally mistrust each other to such an extent that the sharing of data or
information is nil; or, at the other end of the scale, you have total trust between all employees. In
organizations, neither approach is desirable. There has to be an element of trust throughout an
organization but checks and balances are just as important. Employees need to be given the
opportunity to work and share data but they must also be aware of the security issues that arise as a
result of their actions. This is why a security awareness program is so important.

For example, malware often relies on victims to run an executable file to spread and infect a computer or
network. Telling your employees not to open emails from unknown senders is not enough. They need to
be told that in so doing they risk losing all their work, their passwords and other confidential details to
third parties. They need to understand what behavior is acceptable when dealing with email and web
content. Anything suspicious should be reported to someone who can handle security incidents. Having
open communication across different departments makes for better information security, since many
social engineering attacks abuse the communication breakdowns across departments. Additionally, it is
important to keep in mind that a positive working environment where people are happy in their job is
less susceptible to insider attacks than an oppressive workplace.

Endpoint security
A lot of information in an organization is not centralized. Even when there is a central system, information
is often shared between different users, different devices and copied numerous times. In contrast with
perimeter security, endpoint security is the concept that each device in an organization needs to be
secured. It is recommended that sensitive information is encrypted on portable devices such as laptops.
Additionally, removable storage such as DVD drives, floppy drives and USB ports may be blocked if they
are considered to be a major threat vector for malware infections or data leakage.

Securing endpoints on a network may require extensive planning and auditing. For example, policies can
be applied that state that only certain computers (e.g. laptops) can connect to specific networks. It may
also make sense to restrict usage of wireless (WiFi) access points.

Policies
Policies are the basis of every information security program. It is useless taking security precautions or
trying to manage a secure environment if there are no objectives or clearly defined rules. Policies clarify
what is or is not allowed in an organization as well as define the procedures that apply in different
situations. They should be clear and have the full backing of senior management. Finally they need to be
communicated to the organization’s staff and enforced accordingly.

There are various policies, some of which can be enforced through technology and others which have
to be enforced through human resources. For example, password complexity policies can be enforced
through Windows domain policies. On the other hand, a policy which ensures that company USB sticks
are not taken home may need to be enforced through awareness and labeling. As with most security
precautions, it is important that policies that affect security are driven by business objectives rather
than gut feelings. If security policies are too strict, they will be bypassed, thus creating a false sense of
security and possibly new attack vectors.

Role separation
Separation of duties, auditing and the principle of least privilege can go a long way in protecting an
organization from having single points of failure and privilege creep. By employing separation of duties,
the impact of a particular employee turning against the organization is greatly reduced. For example, a
system administrator who is not allowed to make alterations to the database server directly, but has to
ask the database administrator and document his actions, is a good use of separation of duties. A security
analyst who receives a report when a network operator makes changes to the firewall access control lists
is a good application of auditing. If a manager has no business need to install software on a regular basis,
then his or her account should not be granted such privileges (power user on Windows). These concepts
are very important and it all boils down to who is watching the watchers.
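
A periodic access review that applies these ideas, as an added example that is not part of the original guide. It covers the privilege-creep and departed-administrator cases described earlier as well as the separation of duties described here. The role names, entitlement strings, accounts and dates are all constructed for illustration.

```python
from datetime import date

# Constructed baseline: what each role is entitled to.
ROLE_ENTITLEMENTS = {
    "project-a-manager": {"share:project-a:write"},
    "project-b-manager": {"share:project-b:write"},
    "sysadmin": {"server:mail:admin", "server:files:admin"},
    "dba": {"server:db:admin"},
}

# Constructed rule: nobody should hold entitlements of both roles in a pair.
SOD_CONFLICTS = {frozenset({"sysadmin", "dba"})}

# Constructed HR view: current roles per person; an empty list means the person left.
CURRENT_ROLES = {
    "alice": ["project-b-manager"],   # handed project A over to bob
    "bob": ["project-a-manager"],
    "dave": ["sysadmin"],
    "erin": [],                       # former administrator
}

# Constructed export of live grants: (account, entitlement, date granted).
GRANTS = [
    ("alice", "share:project-a:write", date(2008, 3, 1)),
    ("alice", "share:project-b:write", date(2010, 1, 15)),
    ("bob", "share:project-a:write", date(2010, 1, 15)),
    ("dave", "server:mail:admin", date(2007, 6, 1)),
    ("dave", "server:db:admin", date(2009, 9, 9)),
    ("erin", "server:files:admin", date(2006, 2, 2)),
]


def review_access(grants, current_roles, role_entitlements, sod_conflicts):
    """Return (account, entitlement, reason) for every grant that needs action,
    oldest grant first, since long-lived excess access is the usual blind spot."""
    findings = []
    for account, entitlement, granted in grants:
        roles = current_roles.get(account)
        if roles is None:
            reason = "unknown account"
        elif not roles:
            reason = "leaver still has access"
        else:
            allowed = set().union(*(role_entitlements[r] for r in roles))
            if entitlement in allowed:
                continue  # justified by a current role
            # Which roles does the excess entitlement normally belong to?
            owners = {r for r, ents in role_entitlements.items() if entitlement in ents}
            clash = any(frozenset({a, b}) in sod_conflicts for a in roles for b in owners)
            reason = "separation-of-duties conflict" if clash else "privilege creep"
        findings.append((granted, account, entitlement, reason))
    findings.sort()
    return [(account, ent, reason) for _granted, account, ent, reason in findings]


if __name__ == "__main__":
    for row in review_access(GRANTS, CURRENT_ROLES, ROLE_ENTITLEMENTS, SOD_CONFLICTS):
        print(row)
```

The report is most useful when it goes to someone other than the administrator who issued the grants.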




Backup and redundant systems
Although less glamorous than other topics on information security, backups remain one of the most
reliable solutions. Making use of backups can have a direct business benefit when things go wrong.
Disasters do occur and an organization will come across situations when hardware fails or a user
(intentionally or otherwise) deletes important data. A well-managed and tested backup system will get
the business back up and running in very little time compared to other disaster recovery solutions. It is
therefore important that backups are not only automated to avoid human error but also periodically
tested. It is useless having a backup system if restoration does not function as advertised.

Redundant systems allow a business to continue working even if a disaster occurs. Backup servers and
alternative network connections can help to reduce downtime or at least provide a business with limited
resources until all systems and data are restored.

Keeping your systems patched
New advisories addressing security vulnerabilities in software are published on a daily basis. It is not an
easy task to stay up-to-date with all the vulnerabilities that apply for software installed on the network,
therefore many organizations make use of a patch management system to handle the task. It is important
to note that patches and security updates are not only issued for Microsoft products but also for third
party software. For example, although the web browser is running the latest updates, a desktop can still
be compromised when visiting a website simply because it is running a vulnerable version of Adobe
Flash. Additionally it may be important to assess the impact of a vulnerability before applying a patch,
rather than applying patches religiously. It is also important to test security updates before applying
them to a live system. The reason is that, from time to time, vendors issue patches that may conflict with
other systems or that were not tested for your particular configuration. Additionally, security updates
may sometimes result in temporary downtime, for example when they require a machine reboot.
Systems administrators often have to choose between installing security updates immediately and
keeping the system up and running.

Minimize exposure
Simple systems are easier to manage and therefore any security issues that apply to such systems can be
addressed with relative ease. However, complex systems and networks make it harder for a security
analyst to assess their security status. For example, if an organization does not need to expose a large
number of services on the Internet, the firewall configuration would be quite straightforward. However,
the greater the company’s need to be visible – an online retailer, for example – the more complex the
firewall configuration will be, leaving room for possible security holes that could be exploited by
attackers to access internal network services.

When servers and desktop computers have fewer software packages installed, they are easier to keep
up-to-date and manage. This concept can work hand in hand with the principle of least privilege. By making
use of fewer components, less software and fewer privileges, you reduce the attack surface while
allowing for security to be more focused to tackle real issues.




GFI 1024 aug10
Conclusion
Security in small and medium-sized enterprises is more than just preventing viruses and blocking spam.
This document aims to give managers, analysts, administrators and operators in SMEs a snapshot of the
IT security threats facing their organization. Every organization is different but in many instances the
threats are common to all. Security is a cost of doing business but those that prepare themselves well
against possible threats will benefit the most in the long term.




© 2010. GFI Software. All rights reserved. All product and company names herein may be trademarks of their respective owners.
The information and content in this document is provided for informational purposes only and is provided “as is” with no warranty of any kind, either express or
implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, and non-infringement. GFI Software is not liable for
any damages, including any consequential damages, of any kind that may result from the use of this document. The information is obtained from publicly available
sources. Though reasonable effort has been made to ensure the accuracy of the data provided, GFI makes no claim, promise or guarantee about the completeness,
accuracy, recency or adequacy of information and is not responsible for misprints, out-of-date information, or errors. GFI makes no warranty, express or implied, and
assumes no legal liability or responsibility for the accuracy or completeness of any information contained in this document.
If you believe there are any factual errors in this document, please contact us and we will review your concerns as soon as practical.




"Evolving Cybersecurity Strategies" - Identity is the new security boundary"Evolving Cybersecurity Strategies" - Identity is the new security boundary
"Evolving Cybersecurity Strategies" - Identity is the new security boundary
 

Semelhante a Security Threats for SMBs

beyond_the_firewall_0103
beyond_the_firewall_0103beyond_the_firewall_0103
beyond_the_firewall_0103Jack McCullough
 
10 security problems unique to it
10 security problems unique to it10 security problems unique to it
10 security problems unique to itIT-Toolkits.org
 
10 security problems unique to it
10 security problems unique to it10 security problems unique to it
10 security problems unique to itIT-Toolkits.org
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141sraina2
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threatsReadWrite
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Erik Ginalick
 
Cybersecurity a short business guide
Cybersecurity   a short business guideCybersecurity   a short business guide
Cybersecurity a short business guidelarry1401
 
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSESE-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSESIJNSA Journal
 
What you need to know about cyber security
What you need to know about cyber securityWhat you need to know about cyber security
What you need to know about cyber securityCarol Meng-Shih Wang
 
Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman
 
Human Error in Cyber Security Breaches | Cyberroot Risk Advisory
Human Error in Cyber Security Breaches | Cyberroot Risk AdvisoryHuman Error in Cyber Security Breaches | Cyberroot Risk Advisory
Human Error in Cyber Security Breaches | Cyberroot Risk AdvisoryCR Group
 
Most Important Data Security Concerns Troubling Enterprises
Most Important Data Security Concerns Troubling EnterprisesMost Important Data Security Concerns Troubling Enterprises
Most Important Data Security Concerns Troubling EnterprisesBryTech INC
 
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest MindsWhitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest MindsHappiest Minds Technologies
 
Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Joseph White MPA CPM
 
7 Types of Cyber Security Threats | The Lifesciences Magazine
7 Types of Cyber Security Threats | The Lifesciences Magazine7 Types of Cyber Security Threats | The Lifesciences Magazine
7 Types of Cyber Security Threats | The Lifesciences MagazineThe Lifesciences Magazine
 
Securité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForceSecurité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForcePatrick Bouillaud
 

Semelhante a Security Threats for SMBs (20)

beyond_the_firewall_0103
beyond_the_firewall_0103beyond_the_firewall_0103
beyond_the_firewall_0103
 
Data security
 Data security  Data security
Data security
 
10 security problems unique to it
10 security problems unique to it10 security problems unique to it
10 security problems unique to it
 
10 security problems unique to it
10 security problems unique to it10 security problems unique to it
10 security problems unique to it
 
InformationSecurity_11141
InformationSecurity_11141InformationSecurity_11141
InformationSecurity_11141
 
5 network-security-threats
5 network-security-threats5 network-security-threats
5 network-security-threats
 
Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112Five Network Security Threats And How To Protect Your Business Wp101112
Five Network Security Threats And How To Protect Your Business Wp101112
 
Cybersecurity a short business guide
Cybersecurity   a short business guideCybersecurity   a short business guide
Cybersecurity a short business guide
 
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSESE-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
E-COMMERCE SYSTEMS SECURITY FOR SMALL BUSINESSES
 
What you need to know about cyber security
What you need to know about cyber securityWhat you need to know about cyber security
What you need to know about cyber security
 
Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015Mark Lanterman - The Risk Report October 2015
Mark Lanterman - The Risk Report October 2015
 
Measures to Avoid Cyber-attacks
Measures to Avoid Cyber-attacksMeasures to Avoid Cyber-attacks
Measures to Avoid Cyber-attacks
 
Measure To Avoid Cyber Attacks
Measure To Avoid Cyber AttacksMeasure To Avoid Cyber Attacks
Measure To Avoid Cyber Attacks
 
Human Error in Cyber Security Breaches | Cyberroot Risk Advisory
Human Error in Cyber Security Breaches | Cyberroot Risk AdvisoryHuman Error in Cyber Security Breaches | Cyberroot Risk Advisory
Human Error in Cyber Security Breaches | Cyberroot Risk Advisory
 
Most Important Data Security Concerns Troubling Enterprises
Most Important Data Security Concerns Troubling EnterprisesMost Important Data Security Concerns Troubling Enterprises
Most Important Data Security Concerns Troubling Enterprises
 
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest MindsWhitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds
Whitepaper: BATTLING IT OUT: APPLICATION AND MOBILE SECURITY - Happiest Minds
 
Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014Target Data Breach Case Study 10242014
Target Data Breach Case Study 10242014
 
7 Types of Cyber Security Threats | The Lifesciences Magazine
7 Types of Cyber Security Threats | The Lifesciences Magazine7 Types of Cyber Security Threats | The Lifesciences Magazine
7 Types of Cyber Security Threats | The Lifesciences Magazine
 
Securité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-ForceSecurité : Le rapport 2Q de la X-Force
Securité : Le rapport 2Q de la X-Force
 
IBM X-Force.PDF
IBM X-Force.PDFIBM X-Force.PDF
IBM X-Force.PDF
 

Mais de GFI Software

Spotlight on GFI EndPoint Security 2013
Spotlight on GFI EndPoint Security 2013Spotlight on GFI EndPoint Security 2013
Spotlight on GFI EndPoint Security 2013GFI Software
 
The Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage DevicesThe Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage DevicesGFI Software
 
Understanding Data Backups
Understanding Data BackupsUnderstanding Data Backups
Understanding Data BackupsGFI Software
 
Master Class Series
Master Class SeriesMaster Class Series
Master Class SeriesGFI Software
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability ManagementGFI Software
 
Deploying GFI EventsManager™
Deploying GFI EventsManager™Deploying GFI EventsManager™
Deploying GFI EventsManager™GFI Software
 
How to Perform Network-wide Security Event Log Management
How to Perform Network-wide Security Event Log ManagementHow to Perform Network-wide Security Event Log Management
How to Perform Network-wide Security Event Log ManagementGFI Software
 
How to configure IBM iSeries event collection with Audit and GFI EventsManager
How to configure IBM iSeries event collection with Audit and GFI EventsManagerHow to configure IBM iSeries event collection with Audit and GFI EventsManager
How to configure IBM iSeries event collection with Audit and GFI EventsManagerGFI Software
 
Email Security Solutions
Email Security SolutionsEmail Security Solutions
Email Security SolutionsGFI Software
 
Messaging and Web Security
Messaging and Web SecurityMessaging and Web Security
Messaging and Web SecurityGFI Software
 
How to Keep Spam Off Your Network
How to Keep Spam Off Your NetworkHow to Keep Spam Off Your Network
How to Keep Spam Off Your NetworkGFI Software
 
How to Block NDR Spam
How to Block NDR SpamHow to Block NDR Spam
How to Block NDR SpamGFI Software
 
Binary translation
Binary translationBinary translation
Binary translationGFI Software
 

Mais de GFI Software (20)

Spotlight on GFI EndPoint Security 2013
Spotlight on GFI EndPoint Security 2013Spotlight on GFI EndPoint Security 2013
Spotlight on GFI EndPoint Security 2013
 
The Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage DevicesThe Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage Devices
 
Email Continuity
Email ContinuityEmail Continuity
Email Continuity
 
Understanding Data Backups
Understanding Data BackupsUnderstanding Data Backups
Understanding Data Backups
 
Data Backups
Data BackupsData Backups
Data Backups
 
Master Class Series
Master Class SeriesMaster Class Series
Master Class Series
 
Security and SMBs
Security and SMBsSecurity and SMBs
Security and SMBs
 
Vulnerability Management
Vulnerability ManagementVulnerability Management
Vulnerability Management
 
Deploying GFI EventsManager™
Deploying GFI EventsManager™Deploying GFI EventsManager™
Deploying GFI EventsManager™
 
How to Perform Network-wide Security Event Log Management
How to Perform Network-wide Security Event Log ManagementHow to Perform Network-wide Security Event Log Management
How to Perform Network-wide Security Event Log Management
 
How to configure IBM iSeries event collection with Audit and GFI EventsManager
How to configure IBM iSeries event collection with Audit and GFI EventsManagerHow to configure IBM iSeries event collection with Audit and GFI EventsManager
How to configure IBM iSeries event collection with Audit and GFI EventsManager
 
Email Security Solutions
Email Security SolutionsEmail Security Solutions
Email Security Solutions
 
Maxmp greylisting
Maxmp greylistingMaxmp greylisting
Maxmp greylisting
 
Messaging and Web Security
Messaging and Web SecurityMessaging and Web Security
Messaging and Web Security
 
How to Keep Spam Off Your Network
How to Keep Spam Off Your NetworkHow to Keep Spam Off Your Network
How to Keep Spam Off Your Network
 
How to Block NDR Spam
How to Block NDR SpamHow to Block NDR Spam
How to Block NDR Spam
 
Email Continuity
Email ContinuityEmail Continuity
Email Continuity
 
Greylisting
GreylistingGreylisting
Greylisting
 
Binary translation
Binary translationBinary translation
Binary translation
 
Stopping Malware
Stopping MalwareStopping Malware
Stopping Malware
 

Último

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityPrincipled Technologies
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdflior mazor
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEarley Information Science
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘RTylerCroy
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processorsdebabhi2
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationRadu Cotescu
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfEnterprise Knowledge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Servicegiselly40
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking MenDelhi Call girls
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsJoaquim Jorge
 

Último (20)

Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
GenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdfGenAI Risks & Security Meetup 01052024.pdf
GenAI Risks & Security Meetup 01052024.pdf
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...Workshop - Best of Both Worlds_ Combine  KG and Vector search for  enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
🐬 The future of MySQL is Postgres 🐘
🐬  The future of MySQL is Postgres   🐘🐬  The future of MySQL is Postgres   🐘
🐬 The future of MySQL is Postgres 🐘
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Exploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone ProcessorsExploring the Future Potential of AI-Enabled Smartphone Processors
Exploring the Future Potential of AI-Enabled Smartphone Processors
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 

Security Threats for SMBs

  • 1. SECURITY THREATS: A GUIDE FOR SMALL AND MEDIUM ENTERPRISES

    Security threats are becoming increasingly sophisticated and harder to detect. Many small and medium-sized enterprises are still convinced that a firewall, antivirus and anti-spam software are enough to protect their networks. With cyber-crime on the increase, it is imperative that organizations are aware of the security threats that they face on a daily basis. The goal of this guide is to raise awareness in organizations of the importance of security and how they can deal with the threats.
  • 2. Security threats: A guide for SMEs

    What does an SME need?

    A successful business works on the basis of revenue growth and loss prevention. Small and medium-sized enterprises (SMEs) are particularly hit hard when either one or both of these business requirements suffer. Data leakage, down-time and reputation loss can easily turn away new and existing customers if such situations are not handled appropriately and quickly. This may, in turn, impact on the company’s bottom line and ultimately profit margins. A computer virus outbreak or a network breach can cost a business thousands of dollars. In some cases, it may even lead to legal liability and lawsuits.

    The truth is that many organizations would like to have a secure IT environment but very often this need comes into conflict with other priorities. Firms often find the task of keeping the business functions aligned with the security process highly challenging. When economic circumstances look dire, it is easy to turn security into a checklist item that keeps being pushed back. However the reality is that, in such situations, security should be a primary issue. The likelihood of threats affecting your business will probably increase and the impact can be more detrimental if it tarnishes your reputation.

    This paper aims to help SMEs focus on threats that are likely to have an impact on, and affect, the organization. These threats specifically target SMEs rather than enterprise companies or home users.

    GFI Software | www.gfi.com
  • 3. [Figure 1. Security threat map]

    Security threats that affect SMEs

    Malicious Internet Content

    Most modern small or medium-sized enterprises need an Internet connection to operate. If you remove this means of communication, many areas of the organization will not be able to function properly or else they may be forced to revert to old, inefficient systems. Just think how important email has become and that for many organizations this is the primary means of communication. Even phone communications are changing shape with Voice over IP becoming a standard in many organizations.
  • 4. At some point, most organizations have been the victim of a computer virus attack. While many may have antivirus protection, it is not unusual for an organization of more than 10 employees to use email or the Internet without any form of protection. Even large organizations are not spared. Recently, three hospitals in London had to shut down their entire network due to an infection of a version of a worm called Mytob. Most of the time, we do not hear of small or medium-sized enterprises becoming victims of such infections because it is not in their interest to publicize these incidents. Many small or medium-sized enterprises cannot afford to employ prevention mechanisms such as network segregation. These factors simply make it easier for a worm to spread throughout an organization.

    Malware is a term that includes computer viruses, worms, trojans and any other kinds of malicious software. Employees and end-users within an organization may unknowingly introduce malware on the network when they run malicious executable code (EXE files). Sometimes they might receive an email with an attached worm or download spyware when visiting a malicious website. Alternatively, to get work done, employees may decide to install pirated software for which they do not have a license. This software tends to have more code than advertised and is a common method used by malware writers to infect the end-users’ computers. An organization that operates efficiently usually has established ways to share files and content across the organization. These methods can also be abused by worms to further infect computer systems on the network.

    Computer malware does not have to be introduced manually or consciously. Basic software packages installed on desktop computers such as Internet Explorer, Firefox, Adobe Acrobat Reader or Flash have their fair share of security vulnerabilities. These security weaknesses are actively exploited by malware writers to automatically infect victims’ computers. Such attacks are known as drive-by downloads because the user does not have knowledge of malicious files being downloaded onto his or her computer. In 2007, Google issued an alert [1] describing 450,000 web pages that can install malware without the user’s consent.

    Then there are social engineering attacks. This term refers to a set of techniques whereby attackers make the most of weaknesses in human nature rather than flaws within the technology. A phishing attack is a type of social engineering attack that is normally opportunistic and targets a subset of society. A phishing email message will typically look very familiar to the end-users – it will make use of genuine logos and other visuals (from a well-known bank, for example) and will, for all intents and purposes, appear to be the genuine thing. When the end-user follows the instructions in the email, he or she is directed to reveal sensitive or private information such as passwords, PIN codes and credit card numbers.

    Employees and desktop computers are not the only target in an organization. Most small or medium-sized companies need to make use of servers for email, customer relationship management and file sharing. These servers tend to hold critical information that can easily become a target of an attack. Additionally, the move towards web applications has introduced a large number of new security vulnerabilities that are actively exploited by attackers to gain access to these web applications. If these services are compromised there is a high risk that sensitive information can be leaked and used by cyber-criminals to commit fraud.

    [1] http://news.bbc.co.uk/2/hi/technology/6645895.stm
  • 5. Attacks on physical systems

    Internet-borne attacks are not the only security issue that organizations face. Laptops and mobiles are entrusted with the most sensitive of information about the organization. These devices, whether they are company property or personally owned, often contain company documents and are used to log on to the company network. More often than not, these mobile devices are also used during conferences and travel, thus running the risk of physical theft. The number of laptops and mobile devices stolen per year is ever on the increase. Attrition.org had over 400 articles in 2008 [2] related to high profile data loss, many of which involved stolen laptops and missing disks. If it happens to major hospitals and governments that have established rules on handling such situations, why should it not happen to smaller enterprises?

    Another threat affecting physical security is that of unprotected endpoints. USB ports and DVD drives can both be used to leak data and introduce malware on the network. A USB stick that is mainly used for work and may contain sensitive documents becomes a security risk if it is taken home and left lying around and other members of the family use it on their home PC. While the employee may understand the sensitive nature of the information stored on the USB stick, the rest of the family will probably not. They may copy files back and forth without considering the implications. This is typically a case of negligence but it can also be the work of a targeted attack, where internal employees can take large amounts of information out of the company.

    Small and medium-sized enterprises may overlook the importance of securing the physical network and server room to prevent unauthorized persons from gaining access. Open network points and unprotected server rooms can allow disgruntled employees and visitors to connect to the network and launch attacks such as ARP spoofing to capture network traffic with no encryption and steal passwords and content.

    Authentication and privilege attacks

    Passwords remain the number one vulnerability in many systems. It is not an easy task to have a secure system whereby people are required to choose a unique password that others cannot guess but is still easy for them to remember. Nowadays most people have at least five other passwords to remember, and the password used for company business should not be the same one used for webmail accounts, site memberships and so on. High profile intrusions such as the one on Twitter [3] (the password was happiness) clearly show that passwords are often the most common and universal security weakness, and attacks exploiting this weakness do not require a lot of technical knowledge.

    Password policies can go a long way to mitigate the risk, but if the password policy is too strict people will find ways and means to get around it. They will write the password on sticky notes, share them with their colleagues or simply find a keyboard pattern (1q2w3e4r5t) that is easy to remember but also easy to guess. Most complex password policies can be easily rendered useless by non-technological means.

    [2] http://www.attrition.org/dataloss/
    [3] http://tinyurl.com/bysvuf
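The point above about password rules being satisfied by keyboard patterns, as an added example that is not part of the original guide: a Python sketch in which a length-and-digit composition rule accepts `1q2w3e4r5t`, while a screen based on keyboard adjacency and a deny-list rejects it. The simplified QWERTY model, the 0.6 threshold, the four-word deny-list and all function names are assumptions made for illustration.

```python
import re

# Simplified QWERTY model (assumption): each row is left-aligned, so the
# column index only approximates the physical stagger of a real keyboard.
QWERTY_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]
KEY_POS = {ch: (r, c)
           for r, row in enumerate(QWERTY_ROWS)
           for c, ch in enumerate(row)}

# Constructed deny-list for the demo; a deployment would load a large
# corpus of known-compromised passwords instead.
COMMON_WORDS = {"happiness", "password", "welcome", "letmein"}


def composition_policy_ok(pw, min_len=8):
    """Classic composition rule: minimum length, one letter, one digit."""
    return (len(pw) >= min_len
            and re.search(r"[a-z]", pw, re.I) is not None
            and re.search(r"\d", pw) is not None)


def adjacent(a, b):
    """True when two keys are the same key or touch in the layout model."""
    if a not in KEY_POS or b not in KEY_POS:
        return False
    (r1, c1), (r2, c2) = KEY_POS[a], KEY_POS[b]
    return abs(r1 - r2) <= 1 and abs(c1 - c2) <= 1


def walk_ratio(pw):
    """Fraction of consecutive character pairs that are keyboard-adjacent."""
    s = pw.lower()
    if len(s) < 2:
        return 0.0
    hits = sum(adjacent(a, b) for a, b in zip(s, s[1:]))
    return hits / (len(s) - 1)


def screen_password(pw, min_len=8, max_walk_ratio=0.6):
    """Return the list of reasons to reject pw (empty list means accept)."""
    reasons = []
    lowered = pw.lower()
    letters_only = re.sub(r"[^a-z]", "", lowered)
    if len(pw) < min_len:
        reasons.append("too short")
    # Catch a deny-listed word even when digits or symbols are bolted on.
    if lowered in COMMON_WORDS or letters_only in COMMON_WORDS:
        reasons.append("common word")
    # Zig-zag patterns and repeated keys score close to 1.0.
    if walk_ratio(pw) >= max_walk_ratio:
        reasons.append("keyboard walk")
    return reasons


if __name__ == "__main__":
    # Constructed candidates; the first two strings are quoted in the guide.
    for candidate in ["1q2w3e4r5t", "happiness", "Happiness1",
                      "tr4nsit-map-blue-71"]:
        print(candidate,
              "| composition rule:", composition_policy_ok(candidate),
              "| screen:", screen_password(candidate) or "accept")
```
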
  • 6. Security threats: A guide for SMEs

In small and medium-sized enterprises, systems administrators are often found to be doing the work of the network operators and project managers as well as the security analysts. Therefore a disgruntled systems administrator will be a major security problem due to the amount of responsibility (and access rights) that he or she holds. With full access privileges, a systems administrator may plant a logic bomb, backdoor accounts or leak sensitive company information that may greatly affect the stability and reputation of the organization. Additionally, in many cases the systems administrator is the person who sets the passwords for important services or servers. When he or she leaves the organization, these passwords may not be changed (especially if not documented), thus leaving a backdoor for the ex-employee.

A startup company called JournalSpace [4] was caught with no backups when their former system administrator decided to wipe out the main database. This proved to be disastrous for the company, which ended up asking users to retrieve their content from Google’s cache.

The company’s management team may also have administrative privileges on their personal computers or laptops. The reasons vary but they may want to be able to install new software or simply to have more control of their machines. The problem with this scenario is that one compromised machine is all that an attacker needs to target an organization. The firm itself does not need to be specifically picked out but may simply become a victim of an attack aimed at a particular vulnerable software package.

Even when user accounts on the network are supposed to have reduced privileges, there may be times where privilege creep occurs. For example, a manager who hands over an old project to another manager may retain the old privileges for years even after the handover! When his or her account is compromised, the intruder also gains access to the old project.
Employees with mobile devices and laptop computers can pose a significant risk when they make use of unsecured wireless networks whilst attending a conference or during their stay at a hotel. In many cases, inadequate or no encryption is used and anyone ‘in between’ can view and modify the network traffic. This can be the start of an intrusion leading to compromised company accounts and networks.

Denial of Service

In an attempt to minimize costs, or simply through negligence, most small and some medium-sized enterprises have various single points of failure. Denial of service is an attack that prevents legitimate users from making use of a service and it can be very hard to prevent. The means to carry out a DoS attack and the motives may vary, but it typically leads to downtime and legitimate customers losing confidence in the organization - and it is not necessarily due to an Internet-borne incident.

In 2008, many organizations in the Mediterranean Sea basin and in the Middle East suffered Internet downtime due to damage to the underwater Internet cables. Some of these organizations relied on a single Internet connection, and their business was driven by Internet communications. Having such a single point of failure proved to be very damaging for these organizations in terms of lost productivity and lost business. Reliability is a major concern for most businesses and their inability to address even one single point of failure can be costly.

[4] http://tinyurl.com/6ulyqs
  • 7. Security threats: A guide for SMEs

If an organization is not prepared for a security incident, it will probably not handle the situation appropriately. One question that needs to be asked is: if a virus outbreak does occur, who should handle the various steps that need to be taken to get the systems back in shape? If an organization is simply relying on the systems administrator to handle such incidents, then that organization is not acknowledging that such a situation is not simply technical in nature. It is important to be able to identify the entry point, to approach the persons concerned and to have policies in place to prevent future occurrences – apart from simply removing the virus from the network! If all these tasks are left to a systems administrator, who might have to do everything ad hoc, then that is a formula for lengthy downtime.

Addressing security threats

An antivirus is not an option

The volume of malware that can hit organizations today is enormous and the attack vectors are multiple. Viruses may spread through email, websites, USB sticks, and instant messenger programs to name but a few. If an organization does not have an antivirus installed, the safety of the desktop computers will be at the mercy of the end-user and relying on the end-user is not advisable or worth the risk.

Protecting desktop workstations is only one recommended practice. Once virus code is present on a desktop computer, it becomes a race between the virus and the antivirus. Most malware has functionality to disable your antivirus software, firewalls and so on. Therefore you do not want the virus to get to your desktop computer in the first place! The solution is to deploy content filtering at the gateway.

Antivirus can be part of the content filtering strategy which can be installed at the email and web gateway. Email accounts are frequently spammed with malicious email attachments.
These files often appear to come from legitimate contacts thus fooling the end-user into running the malware code. Leaving the decision to the user whether or not to trust an attachment received by email is never a good idea. By blocking malware at the email gateway, you are greatly reducing the risk that end-users may make a mistake and open an infected file. Similarly, scanning all incoming web (HTTP) traffic for malicious code addresses a major infection vector and is a requirement when running a secure network environment.

Security Awareness

A large percentage of successful attacks do not necessarily exploit technical vulnerabilities. Instead they rely on social engineering and people’s willingness to trust others. There are two extremes: either employees in an organization totally mistrust each other to such an extent that the sharing of data or information is nil; or, at the other end of the scale, you have total trust between all employees. In organizations, neither approach is desirable. There has to be an element of trust throughout an organization but checks and balances are just as important. Employees need to be given the opportunity to work and share data but they must also be aware of the security issues that arise as a result of their actions. This is why a security awareness program is so important.

For example, malware often relies on victims to run an executable file to spread and infect a computer or network. Telling your employees not to open emails from unknown senders is not enough. They need to be told that in so doing they risk losing all their work, their passwords and other confidential details to
  • 8. Security threats: A guide for SMEs

third parties. They need to understand what behavior is acceptable when dealing with email and web content. Anything suspicious should be reported to someone who can handle security incidents. Having open communication across different departments makes for better information security, since many social engineering attacks abuse the communication breakdowns across departments. Additionally, it is important to keep in mind that a positive working environment where people are happy in their job is less susceptible to insider attacks than an oppressive workplace.

Endpoint security

A lot of information in an organization is not centralized. Even when there is a central system, information is often shared between different users, different devices and copied numerous times. In contrast with perimeter security, endpoint security is the concept that each device in an organization needs to be secured. It is recommended that sensitive information is encrypted on portable devices such as laptops. Additionally, removable storage such as DVD drives, floppy drives and USB ports may be blocked if they are considered to be a major threat vector for malware infections or data leakage.

Securing endpoints on a network may require extensive planning and auditing. For example, policies can be applied that state that only certain computers (e.g. laptops) can connect to specific networks. It may also make sense to restrict usage of wireless (WiFi) access points.

Policies

Policies are the basis of every information security program. It is useless taking security precautions or trying to manage a secure environment if there are no objectives or clearly defined rules. Policies clarify what is or is not allowed in an organization as well as define the procedures that apply in different situations. They should be clear and have the full backing of senior management.
Finally they need to be communicated to the organization’s staff and enforced accordingly.

There are various policies, some of which can be enforced through technology and others which have to be enforced through human resources. For example, password complexity policies can be enforced through Windows domain policies. On the other hand, a policy which ensures that company USB sticks are not taken home may need to be enforced through awareness and labeling.

As with most security precautions, it is important that policies that affect security are driven by business objectives rather than gut feelings. If security policies are too strict, they will be bypassed, thus creating a false sense of security and possibly new attack vectors.

Role separation

Separation of duties, auditing and the principle of least privilege can go a long way in protecting an organization from having single points of failure and privilege creep. By employing separation of duties, the impact of a particular employee turning against the organization is greatly reduced. For example, a system administrator who is not allowed to make alterations to the database server directly, but has to ask the database administrator and document his actions, is a good use of separation of duties. A security analyst who receives a report when a network operator makes changes to the firewall access control lists is a good application of auditing. If a manager has no business need to install software on a regular basis, then his or her account should not be granted such privileges (power user on Windows). These concepts are very important and it all boils down to who is watching the watchers.
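A periodic access review turns these three ideas into a repeatable check. The following is an added example, not part of the GFI guide: it flags grants outside a role's baseline (privilege creep), combinations that break separation of duties, and accounts left enabled after their owner has departed. The role names, grant names, conflict pairs and account records are all constructed for the illustration; in practice they would be exported from the directory service and HR records.

```python
# Assumed baseline: the grants each role needs for its current duties.
ROLE_BASELINE = {
    "sysadmin": {"server-admin", "backup-operator"},
    "dba": {"db-admin"},
    "network-operator": {"firewall-change"},
    "security-analyst": {"firewall-audit", "log-read"},
    "manager": {"project-apollo-rw"},
}

# Assumed pairs of grants that one account should never hold together.
SOD_CONFLICTS = [("server-admin", "db-admin"), ("firewall-change", "firewall-audit")]

# Constructed sample records.
ACCOUNTS = [
    {"user": "alice", "role": "sysadmin", "employed": True, "enabled": True,
     "grants": {"server-admin", "backup-operator", "db-admin"}},
    {"user": "bob", "role": "manager", "employed": True, "enabled": True,
     "grants": {"project-apollo-rw", "project-zephyr-rw", "local-admin"}},
    {"user": "carol", "role": "dba", "employed": True, "enabled": True,
     "grants": {"db-admin"}},
    {"user": "dave", "role": "sysadmin", "employed": False, "enabled": True,
     "grants": {"server-admin", "backup-operator"}},
]


def review(accounts):
    """Return (user, finding) pairs for every deviation from the policy."""
    findings = []
    for acct in accounts:
        user, grants = acct["user"], acct["grants"]
        # A departed employee whose account still works is a standing backdoor.
        if acct["enabled"] and not acct["employed"]:
            findings.append((user, "account still enabled after departure"))
        # Privilege creep: anything the current role does not call for.
        baseline = ROLE_BASELINE.get(acct["role"], set())
        for extra in sorted(grants - baseline):
            findings.append((user, f"grant outside role baseline: {extra}"))
        # Separation of duties: one person holding both halves of a control.
        for first, second in SOD_CONFLICTS:
            if first in grants and second in grants:
                findings.append((user, f"separation-of-duties conflict: {first} + {second}"))
    return findings


if __name__ == "__main__":
    for user, finding in review(ACCOUNTS):
        print(f"{user}: {finding}")
```

Sending this report to someone other than the administrators who assign the grants is what makes it an audit rather than a self-check.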
  • 9. Security threats: A guide for SMEs

Backup and redundant systems

Although less glamorous than other topics on information security, backups remain one of the most reliable solutions. Making use of backups can have a direct business benefit when things go wrong. Disasters do occur and an organization will come across situations when hardware fails or a user (intentionally or otherwise) deletes important data. A well-managed and tested backup system will get the business back up and running in very little time compared to other disaster recovery solutions. It is therefore important that backups are not only automated to avoid human error but also periodically tested. It is useless having a backup system if restoration does not function as advertised.

Redundant systems allow a business to continue working even if a disaster occurs. Backup servers and alternative network connections can help to reduce downtime or at least provide a business with limited resources until all systems and data are restored.

Keeping your systems patched

New advisories addressing security vulnerabilities in software are published on a daily basis. It is not an easy task to stay up-to-date with all the vulnerabilities that apply to software installed on the network; therefore many organizations make use of a patch management system to handle the task. It is important to note that patches and security updates are not only issued for Microsoft products but also for third party software. For example, although the web browser is running the latest updates, a desktop can still be compromised when visiting a website simply because it is running a vulnerable version of Adobe Flash.

Additionally it may be important to assess the impact of a vulnerability before applying a patch, rather than applying patches religiously. It is also important to test security updates before applying them to a live system.
The reason is that, from time to time, vendors issue patches that may conflict with other systems or that were not tested for your particular configuration. Additionally, security updates may sometimes result in temporary downtime, for example when they require a machine reboot. Systems administrators often have to choose between installing security updates immediately and keeping the system up and running.

Minimize exposure

Simple systems are easier to manage and therefore any security issues that apply to such systems can be addressed with relative ease. However, complex systems and networks make it harder for a security analyst to assess their security status. For example, if an organization does not need to expose a large number of services on the Internet, the firewall configuration would be quite straightforward. However, the greater the company’s need to be visible – an online retailer, for example – the more complex the firewall configuration will be, leaving room for possible security holes that could be exploited by attackers to access internal network services.

When servers and desktop computers have fewer software packages installed, they are easier to keep up-to-date and manage. This concept can work hand in hand with the principle of least privilege. By making use of fewer components, less software and fewer privileges, you reduce the attack surface while allowing for security to be more focused to tackle real issues.
  • 10. GFI 1024 aug10 Security threats: A guide for SMEs

Conclusion

Security in small and medium-sized enterprises is more than just preventing viruses and blocking spam. This document aims to give managers, analysts, administrators and operators in SMEs a snapshot of the IT security threats facing their organization. Every organization is different but in many instances the threats are common to all. Security is a cost of doing business but those that prepare themselves well against possible threats will benefit the most in the long term.

© 2010. GFI Software. All rights reserved. All product and company names herein may be trademarks of their respective owners.

The information and content in this document is provided for informational purposes only and is provided “as is” with no warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, and non-infringement. GFI Software is not liable for any damages, including any consequential damages, of any kind that may result from the use of this document. The information is obtained from publicly available sources. Though reasonable effort has been made to ensure the accuracy of the data provided, GFI makes no claim, promise or guarantee about the completeness, accuracy, recency or adequacy of information and is not responsible for misprints, out-of-date information, or errors. GFI makes no warranty, express or implied, and assumes no legal liability or responsibility for the accuracy or completeness of any information contained in this document.

If you believe there are any factual errors in this document, please contact us and we will review your concerns as soon as practical.