Vous êtes sur la page 1sur 4

AN INTRODUCTION TO INTERNET SECURITY

PROTECT YOUR BUSINESS FROM WEB-BASED


THREATS
Definition
internet security /intr net si y

rit /

un

Internet security is a branch of computer security whose objective is


to establish rules and measures to protect individuals and businesses
(their data and other assets) from web-based threats, such as
hackers, scams and malicious code.
Threats
Malware: a catch-all term used to refer to various types of malicious
software.
Phishing/spoofing: a type of scam aimed at obtaining a users
personal or confidential information. Phishing scams typically involve
some sort of spam email or social media message designed to lure a
user to a spoofed or fraudulent website.
Trends
For the first quarter of 2011, McAfee Labs recorded an average of
8,600 new bad sites per day. (McAfee Labs, McAfee Threats Report:
First Quarter 2011)
Whats a bad site? Domains, IP addresses, and URLs that host
malware, potentially unwanted programs, and phishing scams.
New vulnerabilities
Social media sites
Mobile devices/apps

AN INTRODUCTION TO INTERNET SECURITY

Microsofts 2011 Security Intelligence Report found that from the


beginning of 2010 to the end of the year, phishing attacks based on
social networks increased by 1200 percent.
Misconceptions
MYTH: Small businesses are less vulnerable to web-based attacks
REALITY: Of the data breaches investigated by the U.S. Secret
Service and Verizon Communications forensic analysis unit, 63
percent were at companies with 100 employees or fewer. Whats
more, because security is becoming tighter than ever at larger firms,
small business look increasingly tempting to hackers.
MYTH: I/my employees would never fall for an phishing scam
REALITY: Employees are a company's greatest security risk. The
results of phishing experiment conducted by the firm KnowBe4, which
provides web-based Internet security training to businesses, found
that employees at 43 percent of companies clicked the link in a
simulated phishing email sent from a reputable and trusted server.
Even when the email was sent from an unknown and untrusted
server, 15 percent of organizations still had one or more employees
who clicked.

The longer term concern is that while many of


us think that we are too savvy for online scams,
the research demonstrates otherwise.
Richard Clooke, online security expert at PC Tools

Challenges facing SMBs

Issue complexity
Lack of time
Cost constraints
Lack of expertise
Opportunity cost

AN INTRODUCTION TO INTERNET SECURITY

Many organizations dont have the tools and inhouse expertise to detect these threats, so
attacks and security breaches go unnoticed.
Gartner, Inc., Network Security Monitoring Tools for Lean Forward Security
Programs. February 2011

Safeguards
Tools
Anti-malware software (updated regularly)
Firewalls (firewalls create checkpoints between an internal private
network and the public Internet)
Network encryption: protocols include SSL and TLS for web traffic,
PGP for email, and IPsec for the network layer security
Actions/policies

Keep your operating system and applications current and patched


Limit access to your network
Establish rules/safeguards for remote workers
Promote awareness of common phishing threats
Work-from-home scams
Weight-loss claims
Lotteries and sweepstakes scams
Fake check scams
Imposter scams
Mystery shopper scams
Bogus apartment rentals
Miracle cures
Debt relief scams
Pay-in-advance credit offers
Investment schemes
The "Nigerian" email scam
Back up your data regularly
Back up your data regularly
Back up your data regularly
AN INTRODUCTION TO INTERNET SECURITY

Don't open any attachments in emails unless you know who sent it
and what it is
Download and install software only from websites you know and
trust.
Make sure your browser security setting is high enough to detect
unauthorized downloads
Use a pop-up blocker and don't click on any links within pop-ups
Wi-Fi security: Change the name and password of your router from
the default settings
Use WPA2 encryption whenever possible
Worth the trouble?
Yes! Improving your security posture will help your business:
Create a safe working environment for your team
Prevent pornographic, offensive, hostile materials from being
inadvertently distributed through your network
Reduce risk of costly network infrastructure damage
Promote workplace productivity (ensure your network is used for
business productivity, not as a recreational diversion)
Reduce liability (prevent employees from using your network to
conduct illegal activity)
Protect employee and business privacy

Interested in learning more about Internet security? Dont hesitate to


contact us!

AN INTRODUCTION TO INTERNET SECURITY

Vous aimerez peut-être aussi