We think you have liked this presentation. If you wish to download it, please recommend it to your friends in any social system. Share buttons are a little bit lower. Thank you!
Presentation is loading. Please wait.
Published byClayton Loach
Modified over 2 years ago
1©2013 Check Point Software Technologies Ltd. [Protected] Non-confidential content Top 10 Security Best Practices for Small Business Small business need cyber security too. This slide show touches upon 10 of the top security best practices that small business should consider when protecting their network. Instructions: Slide show may start automatically or click slideshow in PowerPoint. Navigate to next slide with down arrow or spacebar, go back with up arrow, Esc. to exit.
2©2013 Check Point Software Technologies Ltd. 1. Common Passwords are Bad Passwords Passwords are your first line of defense when it comes to security. Cybercriminals trying to break into your network will start their attack by trying the most common passwords. SplashData uncovered the 25 most common passwords and you may not believe what some people are using. Ensure your users are using long (over 8 characters), complex (include lower case, upper case, numbers and non alpha characters) passwords. Top Security Best Practices for SMB 1 password 2 123456 3 12345678 4 abc123 5 qwerty 6 monkey 7 letmein 8 dragon 9 111111 10 baseball 11 iloveyou 12 trustno1 13 1234567 14 sunshine 15 master 16 123123 17 welcome 18 shadow 19 ashley 20 football 21 jesus 22 michael 23 ninja 24 mustang 25 password1 The 25 Most Common Password (if you have one of these, change it NOW!) Source: http://www.splashdata.com/press/PR121023.htm [Protected] Non-confidential content
3©2013 Check Point Software Technologies Ltd. 2. Secure Every Entrance All it takes is one open door to allow a cybercriminal to enter your network. Just like you secure your home by locking the front door, the back door and all the windows, think about protecting your network in the same way. Consider all the ways someone could enter your network, then ensure that only authorized users can do so. Ensure strong passwords on laptops, smartphones, tablets, and WIFI access points Use a Firewall with Threat Prevention to protect access to your network (like the Check Point 600 Appliance) Secure your endpoints (laptops, desktops) with security software such as Anti-virus, Anti-SPAM and Anti-Phishing Protect from a common attack method by instructing employees not to plug in unknown USB devices [Protected] Non-confidential content Top Security Best Practices for SMB
4©2013 Check Point Software Technologies Ltd. 3. Segment Your Network A way to protect your network is to separate your network into zones and protect the zones appropriately. One zone may be for critical work only, where another may be a guest zone where customers can surf the internet, but not access your work network. Segment your network and place more rigid security requirements where needed. Public facing web servers should not be allowed to access your internal network You may allow guest access, but do not allow guests on your internal network Consider separating your network according to various business functions (customer records, Finance, general employees) [Protected] Non-confidential content Top Security Best Practices for SMB
5©2013 Check Point Software Technologies Ltd. 4. Define, Educate and Enforce Policy Actually HAVE a security policy (many small businesses dont) and use your Threat Prevention device to its full capacity. Spend some time thinking about what applications you want to allow in your network and what apps you do NOT want to run in your network. Educate your employees on acceptable use of the company network. Make it official. Then enforce it where you can. Monitor for policy violations and excessive bandwidth use. Set up an Appropriate Use Policy for allowed/disallowed apps and websites Do not allow risky applications such as Bit Torrent or other Peer-to-Peer file sharing applications, which are a very common methods of distributing malicious software Block TOR and other anonymizers that seek to hide behavior or circumvent security Think about Social Media while developing policy [Protected] Non-confidential content Top Security Best Practices for SMB
6©2013 Check Point Software Technologies Ltd. 5. Be Socially Aware Social Media sites are a gold mind for cybercriminals looking to gain information on people, improving their success rate for attacks. Attacks such as phishing, spearphish or social engineering all start with collecting personal data on individuals. Educate employees to be cautious with sharing on social media sites, even in their personal accounts Let users know that cybercriminals build profiles of company employees to make phishing and social engineering attacks more successful Train employees on privacy settings on social media sites to protect their personal information Users should be careful of what they share, since cybercriminals could guess security answers (such as your dogs name) to reset passwords and gain access to accounts [Protected] Non-confidential content Top Security Best Practices for SMB
7©2013 Check Point Software Technologies Ltd. 6. Encrypt Everything One data breach could be devastating to your company or your reputation. Protect your data by encrypting sensitive data. And make it easy for your employees to do so. Ensure encryption is part of your corporate policy. Sleep easy if laptops are lost or stolen by ensuring company owned laptops have pre-boot encryption installed Buy hard drives and USB drives with encryption built in Use strong encryption on your wireless network (Consider WPA2 with AES encryption) Protect your data from eavesdroppers by encrypting wireless communication using VPN (Virtual Private Network) [Protected] Non-confidential content Top Security Best Practices for SMB
8©2013 Check Point Software Technologies Ltd. 7. Maintain your Network Like Your Car Your network, and all its connected components, should run like a well oiled machine. Regular maintenance will ensure it continues to roll along at peak performance and hit few speed bumps. Ensure Operating Systems of laptops and servers are updated (Windows Update is turned on for all Systems) Uninstall software that isnt needed so you dont have to check for regular updates (e.g. Java) Update browser, flash, Adobe and applications on your servers and laptops Turn on automatic updates where available; Windows, Chrome, Firefox, Adobe Use an Intrusion Prevention System (IPS) device like the Check Point 600 Appliance to prevent attacks on non-updated laptops [Protected] Non-confidential content Top Security Best Practices for SMB
9©2013 Check Point Software Technologies Ltd. 8. Cloud Caution Cloud storage and applications are all the rage. But be cautious. Any content that is moved to the cloud is no longer in your control. And cybercriminals are taking advantage of weaker security of some Cloud providers. When using the Cloud, assume content sent is no longer private Encrypt content before sending (including system backups) Check the security of your Cloud provider Dont use the same password everywhere, especially Cloud passwords [Protected] Non-confidential content Top Security Best Practices for SMB
10©2013 Check Point Software Technologies Ltd. 9. Dont Let Everyone Administrate Laptops can be accessed via user accounts or administrative accounts. Administrative access allows users much more freedom and power on their laptops, but that power moves to the cybercriminal if the administrator account is hacked. Don't allow employees to use a Windows account with Administrator privileges for day-to-day activities. Limiting employees to User Account access reduces the ability for malicious software (better known as malware) to do extensive damage at the "administrator" privileged level. Make it a habit to change default passwords on all devices, including laptops, servers, routers, gateways and network printers. [Protected] Non-confidential content Top Security Best Practices for SMB
11©2013 Check Point Software Technologies Ltd. 10. Address the BYOD Elephant in the Room Start with creating a Bring-Your-Own-Device policy. Many companies have avoided the topic, but its a trend that continues to push forward. Dont avoid the elephant in the room! It comes back to educating the user. Consider allowing only guest access (internet only) for employee owned devices Enforce password locks on user owned devices Access sensitive information only through encrypted VPN Dont allow storage of sensitive information on personal devices (such as customer contacts or credit card information) Have a plan if an employee loses their device [Protected] Non-confidential content Top Security Best Practices for SMB
12©2013 Check Point Software Technologies Ltd. [Protected] Non-confidential content Top Security Best Practices for SMB Protect Your Small Business with the Clear Choice Network World compared security gateway products on the market and chose the Check Point 600 Appliance as the Clear Choice to protect small business. For more information go to www.checkpoint.com/smbwww.checkpoint.com/smb Check Point is our Clear Choice Test winner… It has an appealing user interface, a lot of great security features, and is simple to manage and create new security rules - Network World
©2013 Check Point Software Technologies Ltd. | [Unrestricted] For everyone Best Practices to Secure the Mobile Enterprise Macy Torrey
INADEQUATE SECURITY POLICIES ›Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA.
David Wigley HCC Security Architect Security Trends for 2016.
Networks and Hackers Copyright © Texas Education Agency, All rights reserved. 1.
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Presented by: Luke Speed Computer Security. Why is computer security important! Intruders hack into computers to steal personal information that the user.
Information Systems Security
Computer Security Sample security policy Dr Alexei Vernitski.
Understanding the benefits and the risks. Presented by Corey Nachreiner, CISSP BYOD - Bring Your Own Device or Bring Your Own Danger?
Principles of Information Technology
IT security By Tilly Gerlack.
Review Ch. 3 – Connecting to the Worlds Information © 2010, 2006 South-Western, Cengage Learning.
9/20/07 STLSecurity is Everyone's Responsibility 1 FHDA Technology Security Awareness.
Threats to I.T Internet security By Cameron Mundy.
Lesson 9-Securing a Network. Overview Identifying threats to the network security. Planning a secure network.
!! Are we under attack !! Consumer devices continue to invade *Corporate enterprise – just wanting to plug in* Mobile Device Management.
CHC DI Group. What We Will Cover Securing your devices and computers. Passwords. s. Safe browsing for shopping and online banks. Social media.
Minding your business on the internet Kelly Trevino Regional Director October 6,2015.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Rebecca Pritchard.
Phishing scams Phishing is the fraudulent practice of sending s purporting to be from reputable companies in order to induce individuals to reveal.
10 Things You Can do to Secure Your PC Presented by Peter Nowak OIS Client Services Manager.
Malicious Attack Corporate Awareness and Walk through Date 29 September 2011.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.
Norman SecureSurf Protect your users when surfing the Internet.
Cyber Security: Today’s Threats and Mitigations Jonathan Homer, Cyber Security Analyst Idaho National Laboratory.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Thomas Jenkins.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Kamran Didcote.
TECHNOLOGY GUIDE THREE Protecting Your Information Assets.
Spring 2014 RMS/EOC Proctor Caching Training. Agenda 2 Proctor caching overview Downloading & installing Cache test content.
Small Business Security Keith Slagle April 24, 2007.
© 2009 VMware Inc. All rights reserved View Pool Image Configuration Considerations for Gold Images around Application virtualization and performance.
PLUG IT IN 7 Protecting Your Information Assets. 1.How to Protect Your Assets: The Basics 2.Behavioral Actions to Protect Your Information Assets 3.Computer-Based.
Cybersecurity Test Review Introduction to Digital Technology.
How can IT help you today?. Agenda Why Do You Care? What Are The Risks? What Can You Do? Questions? How can IT help you today? 2.
Computer Security Keeping you and your computer safe in the digital world.
Computer Security By Duncan Hall.
PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, WITH THANKS TO.
Security Awareness ITS SECURITY TRAINING. Why am I here ? Isn’t security an IT problem ? Technology can address only a small fraction of security risks.
Cyber Security in the Mobile Era KEEPING ENTERPRISE DATA SAFE IN THE BYOD ERA.
LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.
1 #UPAugusta Today’s Topics What are Deadly IT Sins? Know them. Fear them. Fix them. #UPAugusta201 6.
Chapter 9 E-Security. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES Security in Cyberspace Conceptualizing Security Designing for Security.
Chapter 12: How Private are Web Interactions?. Why we care? How much of your personal info was released to the Internet each time you view a Web page?
Lesson 30 Computer Safety and Ethics
Topic 5: Basic Security.
Internet Security In the 21st Century Presented by Daniel Mills.
SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 IT Essentials PC Hardware and Software 4.1 Instructional Resource Chapter.
Jeopardy Q 1 Q 6 Q 11 Q 16 Q 21 Q 2 Q 7 Q 12 Q 17 Q 22 Q 3 Q 8 Q 13
Layered Security Solutions - Simplified © 2008 Monte Robertson - CEO Layered Security Solutions – Simplified!
© 2017 SlidePlayer.com Inc. All rights reserved.