Five regular checks for SMBs - harlan4096 - 29 July 20
Quote:
Five things that, if neglected, can cost SMBs dearly.
It is not always economically viable for small and medium-size businesses to maintain a dedicated IT security team, so it often happens that one person is in charge of monitoring the entire infrastructure. Sometimes he or she is not even a permanent, full-time employee.
Sure, a good administrator can do a lot, but even a pro might miss something, particularly if issues are mounting and time is short. So, it’s worth establishing a few habits. Here are our Top 5 regular checks.
Renew the corporate site security certificateAny website that requests or processes user data must have an SSL certificate. It protects information entered by visitors from being intercepted, and almost all modern browsers warn users that sites without an SSL certificate are insecure. That can scare off potential customers.
Your website most likely has an SSL certificate, but its validity period is limited. Depending on the certification authority, it will need to be reissued every three, six, or twelve months. Therefore, we recommend setting a reminder in your calendar about certificate renewal.
Update router firmwareThe older the software, the more likely it is to contain vulnerabilities, so it’s critical to keep all software up to date. Workstation operating systems and applications themselves usually notify users when updates become available to install. But if you’re still worried about missing an important patch, use our corporate products, which contain an entire subsystem for tracking fresh vulnerabilities and fixes for them.
That said, it is not only employees’ computers that need updates. Routers also have built-in software — firmware — which over time likewise becomes outdated and vulnerable. Cybercriminals can then exploit the old firmware to infiltrate the corporate network. Unlike software on workstations, SOHO routers generally do not send notifications when the firmware is out of date, so updates have to be done manually.
Therefore, it’s important to inventory all corporate network equipment, and at least every couple of months check the administration console to see if a new version of the router firmware has appeared. If the console has no function to check for updates, you need to do it yourself on the manufacturer’s website. And if some devices are outdated and no longer supported, you should think about replacing them; vulnerabilities in such models will remain unpatched forever.
...
Continue Reading
|