At AINEO, we know a lot about security because several hundred companies are relying on our engineers to keep things safe and secure. We have given advice on how to keep individual computers save and secure. However we wanted to take a few moments to talk about the overall network. What does that mean? Let us give an example.
Occasionally, one of our directors sends out an email to a list of friends and a few acquaintances of various funny commercials and jokes that he receives via email. About a year ago, he received and email from an “IT consultant’s saying” I don’t share your sense of humor. Your attachments could have a threat, so I have deleted everyone one of them.” Being a person of common sense, the first thing he thought was how could someone know if they share someone else’s sense of humor if the humor was completely in the form of video attachments to emails? In actuality, the IT consultant’s response was more hype than reality if he had competent IT skills. Besides how can you know if you share someone’s interests if you don’t first watch the video. Frankly, every incoming and outgoing email at AINEO is scanned by four separate engines for all threats. The chance of getting some type of nasty attack through AINEO servers is zero.
That was a reminder that some people are a bit behind in their security. Even people who say they are supposed to experts in the field. Clearly the above mentioned consultant should have been running full security tools on his mail server. Hands down, GFI Software has the best tools available. Every exchange server should be running GFI Mail Security and GFI Mail Essentials to protect their system. Many enterprises run the same anti-virus software on their Exchange Mail servers as they do on the rest of their network, which we highly recommend against. If the one engine allows a virus through, it will propagate across the network as the engine is the same across that network. Running multiple anti-virus engines with the combination of dedicate Trojan and executable engines as well as high end content checking rules increases and diversifies your protection from malicious attacks.
As your email server traditionally, is the most highly targeted point for mass malicious attacks, it is vital that you harden your defenses at this level. If you are running solid tools on your mail server, spam, viruses, and phishing emails should be a thing of the past. Not sure? Try this test
Attacks via email are declining because people know their game. You have to keep on top of it, however email based breaches have become more difficult for the hacker. Therefore, these computer thieves have changed their tactics. The new horrible attacks are actually coming through websites. The important thing to secure in the organization is actually port 80. Port 80 is the incoming port that brings internet access to your users. Through port 80 of your router, your organization views websites of customers, partners, and vendors. But through this same port you can get compromised sites loaded with key-logging software (self-installing software that logs all your key strokes) trying to pick up important passwords or any other financial information. These sites are not just clearly compromised shady sites on the net.
Samsung USA was famous for having their site hacked by someone. When a visitor would view their site, the compromised site would try to install software onto the web visitor’s PC. Samsung was notified, but very slow to remove the threat from their corporate site. It goes to show even if you are a bit Asian corporate, you’ll still have to pay attention to the details. They could have ended up in court from people upset about their computer being infected by Samsung’s site.
The point is you really have to secure your enterprise (company, organization) from the threats that come via the internet.
How do you secure port 80 of your network, PCs and people from the threats? A huge step is having good up-to-date virus protection on your workstations (PCs). AINEO does recommend Symantec Antivirus on the desktop computer only if you are not running it on the server-side. Symantec should be installed on all your PCs that are connecting to the internet. AINEO Recommendations are
1) Keep Symantec Antivirus up to date. It will help protect you from infected sites.
2) Do not allow any users to run machines on the network as administrators.
3) Do no click on pop up windows saying click “yes” to accept are license agreement. That “yes” could actually install some type of malicious software
Finally, we’ve saved the best for last. A good firewall is detrimental. At AINEO we’ve tested and used all the products. Many of our customers have found the best way to secure the entrypoint into their network is a good firewall. We find the Microsoft ISA product as the most solid product. The best part is you don’t have to pay annual maintenance fees to Microsoft as they are continuing to do the support and development for as long as you use the product. You can find on isaserver.org The company GFI we mentioned about has a package that adds more features to your ISA called Web Monitor.
Keep up with AINEO insights for more useful information on having the best network possible. Let us know if you have any questions.
The AINEO Tech Team