Network Security Checklist for SMBs

Our network security checklist for SMBs acknowledges the fact that many small-to-medium-sized businesses do not have the resources to dedicate to their network security. However, network security is essential. Without protection against hackers and malware, an SMB's survival could be under threat.

Consequently, our network security checklist for SMBs contains common sense approaches to network security that can be implemented for little or no cost. Indeed, it is in an SMB's best interest to adopt these best practices before even considering a “comprehensive security solution” software package – which would be ineffective without first taking the steps below.

Start by conducting a risk assessment

The first item on our network security checklist for SMBs is to assess your risk levels and the consequences of an attack on your network. In order to do this, you will need to know:

  • What information is stored
  • How is it stored
  • Who has access to the information
  • How is the information protected
  • What would be the consequences of a successful cyber-attack on your business

Develop an acceptable usage policy

Most hackers use the weakest link in your network security to launch attacks – your employees. Consequently, it is essential that you develop an acceptable usage policy to advise your employees how they should use systems and resources while at work. Some factors you may want to consider when compiling an acceptable usage policy include social media use and the use of private devices (including USBs) in the workplace.

The policy should be accompanied by appropriate employee training. This will help you to assess whether your employees understand acceptable usage and can identify security risks. The U.S. Chamber of Commerce has an excellent online “Test Your Internet Security IQ” quiz that can be printed off and distributed among your employees. The results are likely to surprise you.

Change your passwords regularly – all of them!

Most business owners will be aware of the necessity to change user passwords regularly, but how often is regularly? Once a year? Once a quarter? In order to develop solid network security, you should be changing passwords at least once a month – and not just those of your user accounts.

Servers, routers and switches all have passwords (or should have). When was the last time you changed your Wi-Fi password? Also remember that many devices have default passwords. You should change them immediately after installation and then change them regularly thereafter.
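
The rotation rule above can be checked against a simple device inventory. The following added example, which is not part of the original checklist, flags devices that are still on a default password or past the monthly interval; the CSV layout, column names and sample devices are assumptions constructed for illustration, and the inventory records dates only, never the passwords themselves.

```python
import csv
import io
from datetime import date

MAX_AGE_DAYS = 30  # the checklist's "at least once a month"

# Constructed sample inventory; device names and dates are illustrative.
SAMPLE_INVENTORY = """device,type,default_password_changed,last_changed
fileserver01,server,yes,2024-05-20
core-router,router,yes,2024-01-15
switch-floor2,switch,no,
office-wifi,wifi,yes,2023-11-02
"""


def audit_credentials(inventory_csv, today):
    """Return (device, reason) pairs for credentials that need rotating."""
    findings = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        device = row["device"].strip()
        # A default password is the most urgent finding, whatever its age.
        if row["default_password_changed"].strip().lower() != "yes":
            findings.append((device, "default password still in place"))
            continue
        raw = row["last_changed"].strip()
        if not raw:
            findings.append((device, "no rotation date recorded"))
            continue
        try:
            changed = date.fromisoformat(raw)
        except ValueError:
            findings.append((device, "unreadable rotation date"))
            continue
        age = (today - changed).days
        if age > MAX_AGE_DAYS:
            findings.append((device, f"password is {age} days old"))
    return findings


if __name__ == "__main__":
    # Fixed reference date so the sample output is reproducible.
    for device, reason in audit_credentials(SAMPLE_INVENTORY, date(2024, 6, 1)):
        print(f"{device}: {reason}")
```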

Identify your vulnerabilities

There are plenty of free online tools that offer network security checks, but you have to be careful to use a reputable one to ensure you are not infecting your system with hidden malware. Metasploit is one of the best resources for network security testing we have identified. For identifying vulnerabilities on individual operating systems and devices, we recommend choosing from the list provided by StaySafeOnline.

Protect your network against malware

Having just mentioned malware, this seems a good time to include the subject in our network security checklist for SMBs.

You can protect your network against malware by using some existing tools in your system – for example in browser settings. You should strengthen your protection by adjusting the content filters, pop-up blockers, cookie and certificate settings. This not only needs to be done on all your company's hardware, but on personal mobile devices if they connect to the company's Wi-Fi.

One wise investment is an email filter. Spammers often use emails as a means to con employees into exposing network vulnerabilities, but if the emails do not arrive in employee inboxes, the risk is eliminated. An email filter is not necessarily an expensive investment, and it can be deployed in various ways to filter out the potentially catastrophic consequences of an employee clicking on a link which allows a hacker to install malware on your network.

Avoid data loss and data lock with backups

According to research conducted by Kroll Ontrack, 40 percent of data loss is attributable to human error – either due to inadvertently deleting a file or folder, or by spilling a drink on a piece of IT hardware. Regular backups ensure that the data can be recovered with minimal disruption.

Regular backups also prevent your company being held to ransom if ransomware is installed on your network. Ransomware encrypts all your data with a key that only the person demanding the ransom has access to. The threat of your company being held to ransom can be eliminated if you are able to restore data from a recent backup.

There is a variety of backup options available for SMBs – file or volume syncing, cloud backup, traditional backup software, and replication. The most appropriate option will depend on the volume of data your company produces.

Control software installations

Controlling the installation of software on the server or on any device is especially important because software is increasingly open-source and could introduce new vulnerabilities. For example, it may be convenient to install remote access software on your server, but this provides potential attackers with another gateway to penetrate your network. Software installations should be decisions you make with the same considerations as with other business decisions – weighing up the benefits against the risks.

Similarly, the use of personal devices or software-as-a-service (SaaS) applications can also introduce risks to the network's security. The use of personal devices and SaaS applications should have the same controls as would be applied to on-site company resources to avoid data loss, the installation of malware on the network and attacks from hackers.

Don't ignore software updates

The final box to tick on our network security checklist for SMBs is not to ignore software updates. Software updates are released for a purpose – usually to patch vulnerabilities that have been discovered since the software's installation.

From a security perspective, it is essential to apply software updates as soon as they are released. This applies to operating system software (Windows, Mac OS, Linux), security software such as antivirus software and standard programs. Some network security solutions have automatic software updates, and you should choose these whenever such an option is available.