Posts

5 Security Tips Small Businesses Can’t Afford to Ignore

/0 Comments/in , /by

I returned to Las Vegas earlier this month to attend the Black Hat USA 2015 hacker conference where I learned about the latest and most shocking vulnerabilities discovered by security researchers from around the world. It’s fascinating to see some of the incredible security exploits being demonstrated there which I thought were possible only in sci-fi films. But that’s not the case at the Black Hat convention where top researchers revealed what was once impossible to hack is now possible. In past years researchers published their findings on how computers, mobile devices, routers, wireless access points, webcams, security systems, and smart appliances such as televisions, refrigerators, and thermostats can be made to do things that they were never designed to do once they are taken control by skilled hackers. This year, the scariest headlines focused on hacked cars and Internet of Things (IoT) devices. Just imagine hackers taking complete control of cars in the middle of a busy highway and doing the unthinkable or turning printers, VoIP phones or other office devices into transmitters broadcasting decodable radio waves to send data. Attacks this sophisticated threaten the world’s economy, our daily lives and in some case, our national security. You quickly realize that even your most concealed data and individual safety are at heightened risk in today’s digitally connected world.

If you are a small business owner, how is this relevant to you? Many of these pieces of office equipment are at the core of your daily business operations. The ugly truth is that these devices are deployed and often neglected. This makes them unsecured and targets for exploitations because they are rarely patched once they are installed. Thus, many network intrusion entry points and data breaches have been known to occur through these devices unbeknownst to the company. Just because you are a small business, you may think you’re not worth breaking into. The reality is cyber-criminals know most small businesses have poor security practices, weak network defenses and vulnerable devices which makes them easy and lucrative targets for automated attacks because they have the same valuable information (e.g. personal, customer and financial) as larger organizations. CNBC recently reported that companies with less than 250 employees accounted for almost one third of cyber-attacks in 2014. With the hacking economy valued at several billion dollars annually, it’s almost certain there are plenty of malware developers out there who are bent by greed developing new hacking techniques to make their millions at the expense of small businesses.

If you are unsure about whether or not you have implemented enough security measures to protect your small business, we recommend that you immediately boost your cyber security defense posture. SonicWall Security offers the following security tips to help enhance your chance at preventing a data breach.

  1. Enforce a privacy policy if your business collects, handles or stores sensitive data including personal and financial information about your employees or your customers, you need to establish a privacy policy to ensure their information is protected and secured in compliance with legal obligations.
  2. Conduct annual security awareness training for employees social engineering, online fraud, phishing emails, fake websites and free software downloads are successful tactics commonly used by cyber-criminals to get users to inadvertently share personal or business details on social networks and voluntarily install malicious software such as fake anti-virus or computer clean-up tools that are ultimately used for nefarious purposes. Employee awareness and recognition of common security risks when accessing the Internet are the first important steps to prevent a network breach.
  3. Control access to data implement rigorous access policies where access to specific data should be granted only to those individuals who have a specific clearance and use of that data.
  4. Establish multiple layers of security
    1. Protect endpoint devices with strong password enforcement, two-factor authentication, disk encryption, anti-virus, anti-spam and web content filtering.
    2. Control network access with secure mobile access technology to identify and stop unauthorized access attempts.
    3. Combine multiple network defense capabilities including intrusion detection, firewall, web filtering, application control, and anti-malware protection to prevent unauthorized network access and stop malicious code from infecting the network.
    4. Subscribe to around-the-clock threat counter-intelligence services to receive continuous protection against new threats that emerge.
  5. Secure your Wi-Fi network – make sure your wireless access point Service Set Identifier (SSID) name is not publically broadcasted, default password is changed and access is restricted to authorized devices and users only with preset expiration dates.

For additional information about the latest network security technology and how it can help protect your business from today’s advanced cyber-attacks, download this exclusive, “Securing Your Small Business eBook“.

Download eBook

Wireless Firewall Solutions for Small Offices and Distributed Enterprises

/0 Comments/in /by

If you are a small office, I have good news; the new SonicWall TZ Wireless Firewall Series now has integrated wireless. In an earlier life, the startup I was working for had a small compact office; it would be the perfect candidate for the integrated wireless product. For many, where the office is spread out or occupies multiple floors, the ability to use Access Points for an external solution would be the way to go.

Stay ahead of the threats with a product that reduces your threat surface with the security solution used by the big boys. If you are concerned that your security solution is not cutting it, now is the time to consider taking a look at the new TZ Wireless Firewall Series.

Why this is important for business owners

For the business owner, building the business is what commands your attention. Behind this is the absolute desire to avoid negative press associated with a data breach. Looking forward, the question remains “how do I use emerging trends to grow my business?” The new SonicWall TZ series gives you the confidence to grow your business and avoid embarrassing press. Security can help grow your business because a secure perimeter can be seen as a differential advantage, especially when working with enterprise customers.

Business owners are always dealing with tight budgets and look for ways to get the most out of their investment. No need to cut corners here. Both the wireless and wired products are not only affordable but over time deliver an impressively low total cost of ownership. With the TotalSecure bundle, combined with the wide range of product capabilities, the price to buy and the cost to own is something that should warrant investigation.

Over the past several years, SonicWall has invested in security to become the go-to provider of broad security solutions. With the SonicWall TZ products, there is a complete line of wired and wireless network security solutions that fit any type of business small to large. The TZ series enables businesses to achieve the same level of security on the wireless LAN that they have on their wired LAN through integrated wireless or by attaching an 802.11ac SonicWall SonicPoint wireless access point to the firewall. This high-speed “wireless network security” solution protects the WLAN by scanning wireless traffic for threats.

Why this is important for IT managers

For the small business, the IT department may be only one person. The focus is on maintaining a high performance network. The SonicWall TZ series can make the network more efficient by allocating the more bandwidth to important applications over the less important and unproductive apps. The moment you add remote or branch offices, the network becomes more complex. By deploying the same firewall across networks, the efficiencies found with one network expand to include all networks. Instead of complexity, you get simplicity.

Highly effective security can also make the life of an IT manger simpler as well. The security perimeter is much more robust when everyone has the same device and everyone can speak a common language. Our security engine is common to all of our products and has been recognized not only for security effectiveness, but value as well. Compared to Cisco we are more affordable; compared to Fortinet, we perform better; and compared with Palo Alto, we have a wider product offering for small businesses. With the multiple products we offer, there is a solution designed to fit your specific needs and your budget.

Network security is not a one shot event; it is a long-term race with many twists and turns. If you followed the Tour De France, you can see plenty of similarities. If you are going to wear the yellow jersey you need to be a leader but you also need a strong support team to help you can meet the challenges of the road ahead. In the security race that means that you need the latest technology and a strong team supporting you. Let SonicWall ‘s winning products bring a new level of performance to your security race.

Download eBook

Why Dual-Radio Wireless Makes Sense

/0 Comments/in /by

You’ve decided to make the move to high-speed wireless. Maybe you’re upgrading to 802.11ac or you’re building a new wireless network from scratch. Either way, you’ve got to decide whether the access points you’re going to purchase will have a single radio or dual radios. If price is an issue, choosing an access point with only one radio will save you a little money. However is that the best decision for your wireless networking needs? Here’s why purchasing dual-radio access points makes financial and practical sense.

Dual-radio access points offer several advantages over those with a single radio.

  1. Extend your investment in 802.11x standards – An access point with two radios allows you to dedicate one radio to 802.11ac clients (laptops, tablets and smartphones) and the other to legacy 802.11b/g/n clients. If you still have a significant investment in devices supporting older wireless standards, a dual radio access point helps you extend that investment until you’re ready to upgrade.
  2. Use bandwidth-intensive services – Similarly, dual-radio access points allow you to dedicate one radio to services such as Voice over IP, streaming video and others that take up large amounts of bandwidth while your clients connect to the other radio without being negatively impacted by the services.
  3. Enhance wireless security – Having multiple radios enables you to enhance the security of your wireless network in two ways. First, you can use one radio for employees and provide them with access to internal resources while everyone else (guests, partners, etc.) connects to the second radio which offers internet-only access. Second, having a second radio allows you to use one for wireless intrusion detection and prevention scanning including scanning for rogue access points while the other is used to provide client access. Having only one radio would require all users to disconnect in order to perform the scan and then reconnect again later.
  4. Achieve better signal quality – The 802.11ac wireless standard operates in the less-crowded 5 GHz frequency band, providing better signal quality. Dedicating one radio to 5 GHz and the other to 2.4 GHz enables you to take advantage of the higher signal quality 802.11ac offers while still supporting legacy 802.11b/g/n clients over 2.4 GHz thanks to backward compatibility.
  5. Realize higher client capacities – Very simply, an access point with two radios allows you to have more WiFi-enabled devices connected at the same without experiencing signal interference.

Secure, high-speed wireless

If you have access points with multiple radios then you’re in position to realize the advantages listed above. If you’re looking at purchasing new access points, consider the benefits dual-radio solutions provide over those with a single radio. SonicWall offers several dual-radio access points as part of its SonicPoint Series. The SonicWall SonicPoint ACe and SonicPoint ACi feature two radios, one dedicated to 802.11ac and the other to 802.11n, while the SonicPoint N2 includes two 802.11n radios. Read more about the SonicPoint Series and how these secure, high-speed access points can help your organization.

Download White Paper

Tips for Deploying Wireless in Your Small Business

/0 Comments/in , /by

As a product manager in the security industry I have the opportunity to travel all over the world. On my trips it’s been very rare that I’ll find a location that does not provide some sort of wireless access. Even the most remote locations that may have a small coffee shop, eating establishment or small gathering area offer WiFi. Today it should be a no brainer for businesses of all kinds to provide wireless access to employees and maybe even extend this to their guests.

Most employees use mobile devices such as laptops, smartphones and tablets. Looking at the latest laptop models online most, if not all, come standard with an 802.11ac wireless adapter and you would be hard pressed to find a smaller laptop that has a LAN network interface which does not require an additional dongle or add-on cable.

Now let’s look at what it will take to roll out a wireless deployment for a small business properly and securely.

To begin with, initiate a site survey for the building. This will help you figure out how many access points you will need to provide awesome wireless coverage throughout the structure. It will also enable you to determine whether there are any issues with walls, microwaves or anything else that may interfere with the wireless signal.

Next, decide if you want to provide guest access. If you do, you will need to understand the wireless security requirements you’ll need to enforce, such as setting up a virtual access point, enforcing the use of encryption or leaving the guest access open, but requiring authentication to a captive portal, similar to what airports may use before guests are able to access the internet.

For employee wireless security you can require standards-based WPA2 encryption and decide if you will use PSK or EAP which require an authentication server. For an additional level of security you can mandate the use of SSL VPN to access company resources over the wireless network.

With this new wireless network you will also need to take into consideration the security of the traffic going into and out of the wireless network for both employees and guests. This may include adding content/web filtering as a way to limit access to sites that could contain malware, and scanning all traffic through a deep packet inspection engine to look for potential intrusions and malware-based attacks that could impact employee or guest devices.

Additionally, you will want to enforce application-level bandwidth controls on the wireless network to ensure employees and guests don’t consume all the Internet bandwidth watching HD movies or downloading content.

Now that you’ve read through some of the basic requirements for deploying a wireless network, it might be a good time to get in contact with your local reseller or partner who can help with the planning, deployment and ongoing management of your wireless network.

download white paper

Six Steps to Securing WiFi in a Small Business

/0 Comments/in , /by

In my job at SonicWall, I talk to a lot of people about IT security. One thing I hear a lot of the time from small business owners is something along the lines of “Why would anybody target me? I am just a small company. They would much rather go after big companies.” While this is very true for highly targeted attacks, where a highly motivated and funded attacker is going after a well-known entity, it is simply not true for the majority of attacks which are much more opportunistic in nature.

Let me give you an example. Let’s say you own a local insurance agency in a retail complex. You rely heavily on your computer system to connect to the insurance company and share information about the policies that you need to write. In the business, we call that “private customer information” and it is what you need to protect. Now, let’s assume you have a broadband connection and a consultant who has helped install and maintain your network including the security component. So far, so good.

Next, you decide you would like to add WiFi to your network so you and clients can connect more easily. You decide to go down to the local box store and purchase an off the shelf consumer class wireless access point and connect it to an open port in your office. You skip quickly through the startup menu choosing “quick start” and are up and running in a few minutes. Great, right? Not so fast. Most likely some of the steps you skipped over had to do with securing the wireless traffic, but that is difficult and requires some thought so you decided to do it later, which never happened.

At this point, you have a very secure wired network and an unsecured wireless network. Now, next door is a fast food restaurant with a lot of teenage kids who rotate in and out based on the season. One of them happens to be a wanna-be hacker, who notices a wide open wireless network and decides to investigate. She finds that she can connect to the wireless network and not only get wireless access, but also see the files on your computer, because you allow file sharing! And worse, she can see the private customer information that is so important to not only your local agency but also the nationwide company. And in a fit of teenage rebellion or altruism, she decides to download the customer data and then sends it to the nationwide agency to show them that one of their agents is not being responsible with their customer’s data. That is known as white hat hacking, and she is actually doing your insurance company a favor. Imagine if a neighbor with less noble intentions had been able to extract the data.

This is just an example, illustrating why wireless security is so important. Here are some tips to help you keep this fictional scenario from becoming a reality.

  1. Utilize a firewall with integrated wireless security that simplifies the implementation of wireless network security.
  2. Leverage deep packet inspection on the firewall to scan all traffic to and from the wireless users’ computers for viruses, malware and intrusions that may have been brought in from the outside.
  3. Since many websites are now leveraging SSL encryption to protect user data, make sure that your wireless network security solution can decrypt and scan encrypted traffic.
  4. Look for wireless network security solutions with wireless intrusion detection and prevention to block rogue access points and minimize the disruption from denial of service attacks.
  5. Apply application control to block unauthorized applications from being used on the wireless network.
  6. Set up a secure wireless guest network with encryption for your guests if you want to allow your customers to use WiFi in the lobby or conference rooms.

This is just one hypothetical example of what can happen if you don’t take security seriously. To learn more about wireless security, here is a quick and easy infographic with more information on this important topic.

Follow me on Twitter: @johngord

DOWNLOAD INFOGRAPHIC