Over a million developers have joined DZone.

5 Essential Strategies for SMBs to Build a Layered Security Solution in 2015

DZone's Guide to

5 Essential Strategies for SMBs to Build a Layered Security Solution in 2015

· DevOps Zone ·
Free Resource

Deploy code to production now. Release to users when ready. Learn how to separate code deployment from user-facing feature releases with LaunchDarkly.

Every now and then in the new you may come across a story detailing a data breach at a large company, such as Sony, HomeDepot, and even the United States Post Office. These types of stories make the news because they are huge companies, and a data breach potentially affects hundreds of thousands of consumers and employees. Data breaches can lead to identity theft, a loss of sensitive data, and other problems that can wreak havoc on a large company.

What doesn't often make the news is the fact that thousands of other smaller businesses also suffer data breaches on a daily basis, as they tend to be even more vulnerable than larger companies. You might think your business and its data and network are secure, but are you entirely certain that you have provided the best security possible for your company? A data breach can be detrimental to a small company, as it can ruin consumer trust and also cause you to lose important data that is entitled to help your company run.

Data security is certainly nothing to take lightly, and you or your security team must consider important security strategies in order to ensure that the risk of a breach is kept to the lowest minimum possible. Do not wait until it is too late—consider these important strategies for security now.

1. Antivirus Program

First and foremost, you must have a reliable, up-to-date antivirus program installed on your network and any computers in your office, as well as portable laptops and other devices used for the business that employees may take with them out of the office. An antivirus program, along with a firewall, is your best line of defense against hackers, viruses and malware. However, not just any antivirus program will do—the best type of application you can get today is a cloud-based antivirus program, because this type of software is capable of updating itself automatically, so that it is always up to date and prepared to defend against newly developed threats. Other antivirus programs rely on you to manually download and install updates, leaving ample time for hackers to take advantage of security flaws in older versions of the software.

2. Update software and devices

In addition to making sure that your antivirus program is up to date, you must also keep all your devices and other programs, such as your browsers, up to date with the latest patches as well. Updates for your system software often include additional security updates designed to eliminate security flaws and other loopholes that hackers may have been able to exploit, especially in your browsers, which are a prime tool used by hackers for installing malware on your system.

3. Use, strong, secure passwords

One cannot stress the importance of strong passwords, as well as ensuring that no one who is not authorized to gain access to specific sites and accounts gain access to those passwords. It is highly recommended that you and your employees are properly trained on how to create strong, unhackable passwords, which often include upper and lower case letters, numbers, and special characters. And it is also recommended that you use different passwords for each account in case there is a breach, so that hackers or someone else unauthorized does not gain access to all accounts with a single password. You can use a password management tool to help you manage and remember all the different passwords you might use.

4. Keep personal information and sensitive data secure

Many employees often work from home or in other locations these days, but if they do so, they should make sure that they are on a secure network. Accessing accounts and sensitive data when in public places using a public network such as the Starbucks network and an airport network leaves you open to hackers that may hijack your signal and easily gain access to all that the individual has on their computer, as well as passwords and usernames. Only access account when on a network that is secured by a password so that no one else can gain unauthorized access to sensitive and personal information.

5. Keep away from potentially dangerous websites

Malware is often downloaded unknowingly from users who visits questionable websites and download files that are actually malware in disguise. Gaming sites, illegal download sites offering music and video, and many others are notorious for this. Users should also never complete a download that appears to start automatically when you visit a page, as this can also be malware in disguise, masquerading as an "important Flash update" or some other file that you or your employees might think that you need.

Deploy code to production now. Release to users when ready. Learn how to separate code deployment from user-facing feature releases with LaunchDarkly.


Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}