Q&A: Using security software to protect your business


Richard CollinsWhere should you start when it comes to choosing and using security software for your business?

Richard Collins is managing director of IT consultancy, support and security firm Signal Networks.

He reveals what to look for in security software - and explains why having the right package on your computer is only one part of staying safe.

What are the main security threats facing businesses?

"Many security threats come from the internet. Traditional viruses and malicious software - usually shortened to 'malware' - still pose problems. However, these days your business is increasingly likely to face 'zero day' threats.

"A zero-day threat is a virus or piece of malware that has not been seen before. This means your security software might not know about it, and might therefore find it difficult to detect.

"It's easier than ever for online criminals to create zero-day threats by adapting existing pieces of malware, which is why they're more common.

"Often, online criminals will target flaws in common pieces of software. Traditionally, people have blamed Microsoft for this, but the landscape's changing - software made by other firms is often affected, too.

"Finally, one of the biggest threats to any organisation comes from its own staff. Employees don't necessarily act with malice, but they may click suspicious links without thinking or disable security software to speed up their computers, putting the network at risk."

What software will protect against these threats?

"It is important to have security software. Make sure you have a best-of-breed anti-virus product. That goes for people using Macs as well as PCs, because there are more threats out there targeting Macs.

"Look for a package offering 'heuristic protection', because this means it may be better at spotting zero-day threats too.

"Get a software-based firewall too. This will analyse the data coming into and leaving your computer and should block anything that looks suspicious. Most security packages include a firewall, but make sure you get one that lets you know which programs on your computer are trying to access the internet as well as alerting you to suspicious inbound traffic.

"Highly-rated security packages include those from Eset, Kaspersky, Symantec and McAfee. If you're using a Mac, Apple's underlying operating system has a very good firewall built in, so make sure it's turned on. You can use a piece of software called Little Snitch to see network activity, too."

What other security precautions are important?

"As well as having firewall software on each computer, get a stateful hardware firewall too. This is a piece of equipment that sits between your company network and your internet connection, inspecting web, email and other traffic for threats. A good firewall can also filter dangerous or inappropriate websites and spam. Some models will keep a log of all traffic too, which can help you with compliance.

"The router that came free with your internet connection may include a basic hardware firewall, but it probably only checks incoming internet traffic. It's important to have a firewall that monitors outgoing traffic too.

"Keep all the software on your computers updated. Secunia's PSI Audit software will check for updates to all software on your computer and give you an overall 'risk score'."

What about the dangers posed by employees?

"You do need to address the threats that can be caused by your staff, but software can't help you with this so much. To be honest, a lot of people don't really put much thought into considering whether an email or link might be a security risk. Education is key to preventing this, along with a spam filter that checks email attachments for dangers.

"It's human nature to be inquisitive - to want to click things and to open files - so you need to address these risks as best you can. Make sure you have an acceptable use policy, so your people know what they can and can't use company computers for. Then take every opportunity to remind staff about the dangers.

"You should also think about whether staff need permission to install their own software or to load data from USB drives and CD-ROMs. Consider restricting their ability to do so. If you're unfamiliar with access levels and permissions, get advice from your IT supplier."

What are the biggest mistakes businesses make?

"It's common for companies to disable their security software because they think it's making their computers run slowly. However, if the computer is relatively new, the software probably just needs tweaking. In any case, you should never disable it. It's a good idea to restrict the changes your staff can make to the security software on their computers.

"Ultimately, the biggest single mistake is that people tend to think that if they have security software, that means they're 100% secure. The reality is that you're never totally secure - and software is only one of the precautions you need to stay safe."