SlideShare a Scribd company logo

Securing Your Small Business Network

Download as PPT, PDF
Anindita Ghatak, profile picture
Anindita Ghatak

This document discusses security risks facing small businesses and recommends practices to secure small business networks. It outlines types of online risks like viruses, worms, hackers, spyware and phishing. It calculates the potential financial impact of security breaches and downtime. The document recommends security best practices and provides an overview of Symantec security solutions.

BusinessNews & Politics
1 of 23
Downloaded 17 times
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
Securing Your Small Business Network
Introduction Types of Online Risks Small Business Network Vulnerabilities Calculating the Impact Recommended Security Practices Overview of Symantec Solutions Agenda 1 2 3 4 5 6
The Internet Has Changed Business Forever Turn back the clock 10 years… Did you have an email address? Web access? A Web site? The Internet has redefined business dynamics 48% of small businesses in the U.S. have Web sites 163 million Americans have an email address 185 million Americans use the Internet The good news is that you can: Gather information more quickly Increase communications with your customers/vendors Transact business more efficiently Sources: Pew Internet Survey 2004, Computer Industry Almanac, 2004 Kelsey Group, 2004
The Bad News: Computer Security Risks Did you realize that you open your business to potential risk whenever you… Download something from the Web? Open an email attachment? Leave your computers connected to a broadband connection? Insert removable media (CD-ROM, DVD-ROM, flash drive) into one of your business’s computers? Access the Internet wirelessly? Let a guest user onto your business network? The security of your business is up to YOU!
The Impact of Poor Security Over $11 billion in damages worldwide Between just a few months: Feb. 2004 and May 2004 From just MyDoom, Netsky, Bagel, and Sasser virus outbreaks Source: Computer Economics, Inc. June 2004
The Impact of Poor Security U.S. CSI/FBI Survey (among 269 respondents) * Estimated total loss of $141 million due to virus outbreaks in 2003 19% in small businesses with <100 employees $524K average loss per respondent Attack types and percent experiencing them Virus outbreaks 78% Internal abuse of Web access 59% System penetration 39% An estimated 57MM Americans have received emails from “phishers” (Gartner, May 2004 survey) Cost of phishing attacks to U.S. banks in 2003 $1.2b (Symantec) * Source: CSI/FBI Computer Crime and Security Survey, 2004
What Are You Up Against? Types of Risks Malicious Code Worms, Viruses, Trojan Horses Hackers Information theft/Privacy Violations, Spyware, Phishing, Denial of Service, Application Vulnerabilities Time Wasters Adware, Spam Email, Popup Ads, Data Loss
What Are You Up Against? Malicious Code Virus A malicious program that attacks PCs and Macs by infecting other files on the computer Worm A malicious program designed to spread itself to as many other computers as possible via the Internet, sometimes taking over the victim’s email address book Trojan Horse A malicious program that pretends to be a useful or friendly program, such as a screen saver, game or other type of utility Source: SecurityFocus The “Blaster” worm alone inflicted $1.3 billion in damage to U.S. Businesses in 2003
What Are You Up Against? Hackers Privacy Violations Intrusions into your business’s computer systems for personal information belonging to you, your company or your customers, often credit card numbers Spyware Small applications that monitor your Web usage and report it to a marketing service Key stroke loggers that capture data and steal passwords Phishing Fraudulent schemes in which a hacker pretends to be a legitimate company or authority to get you to reveal personal information willingly Denial of Service An attack that ties up a Web server so that your customers, vendors, and partners can’t access your site Source: CSI/FBI Computer Crime and Security Survey, 2004 70% of businesses reported at least one security breach from external sources this year
What Are You Up Against? Time Wasters Adware Software that displays banner ads even when the host computer is not connected to the Internet Spam, Popup Ads Spam email: unsolicited email, often sent under false pretences Popup Ads: ads that open in a new browser window on top of the Web page you were viewing Source: Symantec/Brightmail, 2004 As much as 65% of all email traffic in 2004 is spam
Evolution of Virus/Worm Threats We’ve reached an inflection point where the latest threats now spread orders of magnitude faster than our ability to respond with traditional technology months days hrs mins secs Contagion Period 1990 Time 2005 Program Viruses Macro Viruses E-mail Worms Network Worms Flash Worms Contagion Period
Threat Sophistication Code Red doubled its infection rate every 37 minutes. Slammer doubled every 8.5 seconds, and infected 90% of unprotected servers in 10 minutes! At its peak, 1 out of every 12 emails was infected with MyDoom! Blaster razed networks just 27 days after the vulnerability was publicly disclosed!
Understanding Your Vulnerabilities Internet Gateway
Understanding Your Vulnerabilities File Server / Mail Server
Understanding Your Vulnerabilities Desktop
Understanding Your Vulnerabilities Remote Users
Calculating the Impact on Your Business How to calculate the cost of a virus infecting your network and damaging your information List the number employees in your business Calculate an average hourly compensation per employee Think about what files and work might need to be re-created after a loss: customer database, client reports, project files, and schedules, contracts, etc. Estimate the amount of time required to re-create lost databases, financial files, and other work per employee Multiply the time required by the number of employees affected by the average hourly compensation This is the cost of one virus damaging desktop files one time only – It doesn’t include the cost to have your software or hardware professionally repaired or replaced.
Calculating the Impact on Your Business $10,500 Annual Cost to Business ($875/person x 12 = $10,500 ) $875 Annual Cost to Business / Worker ( 35 hours x $25/hr = $875 ) 35 hours Total Annual Hours / Person ( 20 + 15 = 35 ) 15 hours Viruses: Annual Downtime / Person 20 hours Spam: Minutes Each Day / Person: 5 Hours Each Year / Person: 5 x 4 = 20 $25.00/hour Average Hourly Wage 12 Number of Employees
Recommended Security Practices Prevent infection with antivirus software Install antivirus on all desktops, laptops, and servers Check for virus definitions daily or set for automatic updates Stop intruders with a firewall Use a firewall on all desktops, laptops, and servers Stay on top of security updates Deploy security patches and fixes as soon as they are available Use the latest operating system versions Create strong passwords and change them frequently Don’t allow Web browsers to remember passwords/private data Open email responsibly Scrutinize attachments before opening them; avoid ones with unusual extensions Don’t open or reply to unsolicited mail
Recommended Security Practices, cont. Browse the Web with caution Don’t ever give personal information to a Web site unless you see a small padlock or key icon in the browser’s toolbar Don’t type confidential information in Instant Messaging/Chat programs Back up regularly Back up vital data daily and store critical backups offsite Make remote connections secure Require remote users to use antivirus and firewall software Use a Virtual Private Network (VPN) Lock down wireless networks Install a firewall at the wireless access point Ensure the physical security of your equipment Never leave wireless devices unattended Use the screen locking feature when you leave your computer
Symantec Small Business Product Line Desktop and Server Protection Desktop Protection Point Products Suites/Integrated Additional Tier
Who is Symantec? Global leader in information security #1 global leader in antivirus and antispam software* Offers a broad range of software, appliances, and services for: Home and home office Small and mid-sized businesses Large enterprises Operating in over 35 countries worldwide Insight from monitoring a sensor network of more than 20,000 corporate customers, and millions of personal PCs * * Sources: IDC – Secure Content Management 2004-2008 Forecast Update and 2003 Vendor Shares; Aug 2004 Worldwide Antispam Solutions 2004-2008 Forecast and 2003 Vendor Shares December 2004
Thank You Questions and Answers

More Related Content

DOC
Data security
Laura Breese
 
PPT
Guard Era Security Overview Preso (Draft)
GuardEra Access Solutions, Inc.
 
DOCX
It risk assessment in uae
RishalHalid1
 
PPTX
Network Security for Employees
OPSWAT
 
PPTX
Network Security of Data Protection
UthsoNandy
 
PPTX
Protection against cyber threats
TIKAJ
 
PDF
Preventing Data Breaches
xband
 
PPSX
Technology Training - Security, Passwords & More
William Mann
 
Data security
Laura Breese
 
Guard Era Security Overview Preso (Draft)
GuardEra Access Solutions, Inc.
 
It risk assessment in uae
RishalHalid1
 
Network Security for Employees
OPSWAT
 
Network Security of Data Protection
UthsoNandy
 
Protection against cyber threats
TIKAJ
 
Preventing Data Breaches
xband
 
Technology Training - Security, Passwords & More
William Mann
 

What's hot (20)

PDF
Chapter 2 konsep dasar keamanan
newbie2019
 
PDF
Information security
Appin Faridabad
 
PPTX
IT & Network Security Awareness
The Network Support Company
 
PDF
Data Security in Healthcare
Quick Heal Technologies Ltd.
 
PPTX
The need for effective information security awareness practices.
CAS
 
PPTX
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
Symantec
 
PDF
Proven cybersecurity tips to protect your business
AnkitaKale12
 
PDF
Cybersecurity Powerpoint Presentation Slides
SlideTeam
 
DOCX
VAPT- A Service on Eucalyptus Cloud
Swapna Shetye
 
PPTX
Valuing Data in the Age of Ransomware
IBM Security
 
PDF
Outlook Briefing 2016: Cyber Security
Mastel Indonesia
 
PDF
What’s the State of Your Endpoint Security?
IBM Security
 
PDF
Information Security Awareness
Net at Work
 
PPTX
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Michael Noel
 
PDF
beyond_the_firewall_0103
Jack McCullough
 
PPTX
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
IBM Security
 
PPT
Executive Information Security Training
Angela Samuels
 
PDF
The IBM X-Force 2016 Cyber Security Intelligence Index
Kanishka Ramyar
 
PPTX
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
IBM Security
 
PPTX
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
PreetiDevidas
 
Chapter 2 konsep dasar keamanan
newbie2019
 
Information security
Appin Faridabad
 
IT & Network Security Awareness
The Network Support Company
 
Data Security in Healthcare
Quick Heal Technologies Ltd.
 
The need for effective information security awareness practices.
CAS
 
What lies ahead? 2016 Cyber Security Predictions from Symantec in the EMEA (E...
Symantec
 
Proven cybersecurity tips to protect your business
AnkitaKale12
 
Cybersecurity Powerpoint Presentation Slides
SlideTeam
 
VAPT- A Service on Eucalyptus Cloud
Swapna Shetye
 
Valuing Data in the Age of Ransomware
IBM Security
 
Outlook Briefing 2016: Cyber Security
Mastel Indonesia
 
What’s the State of Your Endpoint Security?
IBM Security
 
Information Security Awareness
Net at Work
 
Securing IT Against Modern Threats with Microsoft Cloud Security Tools - M365...
Michael Noel
 
beyond_the_firewall_0103
Jack McCullough
 
Borderless Breaches and Migrating Malware: How Cybercrime is Breaking Down Ba...
IBM Security
 
Executive Information Security Training
Angela Samuels
 
The IBM X-Force 2016 Cyber Security Intelligence Index
Kanishka Ramyar
 
Outsmart Fraudsters: Give Customers Great User Experience While Keeping Fraud...
IBM Security
 
IMPACT OF REMOTE WORK:NEW THREATS AND SOLUTIONS
PreetiDevidas
 
Ad

Viewers also liked (17)

ODP
An introduction to µBlogging
Jon Spriggs
 
PDF
Network firewall function & benefits
Anthony Daniel
 
PPT
Firewalls
junaid15bsse
 
PDF
A University Network Design Exercise
joelavery
 
PPT
Group 3 (Revised) Network Design Proposal Presentation
Jan Aldrich Dorado
 
PPT
Network Design
cornimar
 
PPTX
Network Proposal Power Point
guest7fbe17
 
PDF
World Global Network - Small business plan
world-gmn
 
PPTX
Network proposal ppt
FrankNitty II
 
PPTX
Network security
Madhumithah Ilango
 
PDF
What Makes Great Infographics
SlideShare
 
PDF
Masters of SlideShare
Kapost
 
PDF
STOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
Empowered Presentations
 
PDF
You Suck At PowerPoint!
Jesse Desjardins - @jessedee
 
PDF
10 Ways to Win at SlideShare SEO & Presentation Optimization
Oneupweb
 
PDF
How To Get More From SlideShare - Super-Simple Tips For Content Marketing
Content Marketing Institute
 
PDF
How to Make Awesome SlideShares: Tips & Tricks
SlideShare
 
An introduction to µBlogging
Jon Spriggs
 
Network firewall function & benefits
Anthony Daniel
 
Firewalls
junaid15bsse
 
A University Network Design Exercise
joelavery
 
Group 3 (Revised) Network Design Proposal Presentation
Jan Aldrich Dorado
 
Network Design
cornimar
 
Network Proposal Power Point
guest7fbe17
 
World Global Network - Small business plan
world-gmn
 
Network proposal ppt
FrankNitty II
 
Network security
Madhumithah Ilango
 
What Makes Great Infographics
SlideShare
 
Masters of SlideShare
Kapost
 
STOP! VIEW THIS! 10-Step Checklist When Uploading to Slideshare
Empowered Presentations
 
You Suck At PowerPoint!
Jesse Desjardins - @jessedee
 
10 Ways to Win at SlideShare SEO & Presentation Optimization
Oneupweb
 
How To Get More From SlideShare - Super-Simple Tips For Content Marketing
Content Marketing Institute
 
How to Make Awesome SlideShares: Tips & Tricks
SlideShare
 
Ad

Similar to Securing Your Small Business Network (20)

PPT
Information Security Seminar
Acend Corporate Learning
 
PPT
C3
Praveen Malisetty
 
PPT
Services and Products
Technecessities
 
PPTX
Can your company survive a modern day cyber attack?
Symptai Consulting Limited
 
PPTX
Security Minded - Ransomware Awareness
Greg Wartes, MCP
 
PPTX
Internet safety and you
Art Ocain
 
PPT
Information security in todays world
Sibghatullah Khattak
 
PDF
How Computer Network Support System Work Against Hacking?
jeremyhall724
 
PPSX
Security Awareness Training
William Mann
 
PPT
S M B Top 10minstakes
ctnewmarket
 
PPTX
Cybersecurity Basics of awareness presentation .pptx
williambillrials
 
PPTX
Cybersecurity Basics of awareness presentation .pptx
williambillrials
 
PPTX
Cyber Security School Workshop
Rahul Nayan
 
PDF
Network monitoring white paper
Imaging Network Technology, LLC
 
PDF
IT security threats and endpoint security
Acutec Limited
 
PPT
computer_security.ppt
Asif Raza
 
PPT
IT security awareness
Dr. Ramkumar Lakshminarayanan
 
PPT
091005 Internet Security
dkp205
 
PDF
Cyberattacks on the Rise: Is Your Nonprofit Prepared?
TechSoup
 
DOCX
The Importance of Cybersecurity to Secure Business Operations.docx
Onesimo Patricio Matimbe
 
Information Security Seminar
Acend Corporate Learning
 
C3
Praveen Malisetty
 
Services and Products
Technecessities
 
Can your company survive a modern day cyber attack?
Symptai Consulting Limited
 
Security Minded - Ransomware Awareness
Greg Wartes, MCP
 
Internet safety and you
Art Ocain
 
Information security in todays world
Sibghatullah Khattak
 
How Computer Network Support System Work Against Hacking?
jeremyhall724
 
Security Awareness Training
William Mann
 
S M B Top 10minstakes
ctnewmarket
 
Cybersecurity Basics of awareness presentation .pptx
williambillrials
 
Cybersecurity Basics of awareness presentation .pptx
williambillrials
 
Cyber Security School Workshop
Rahul Nayan
 
Network monitoring white paper
Imaging Network Technology, LLC
 
IT security threats and endpoint security
Acutec Limited
 
computer_security.ppt
Asif Raza
 
IT security awareness
Dr. Ramkumar Lakshminarayanan
 
091005 Internet Security
dkp205
 
Cyberattacks on the Rise: Is Your Nonprofit Prepared?
TechSoup
 
The Importance of Cybersecurity to Secure Business Operations.docx
Onesimo Patricio Matimbe
 

Recently uploaded (20)

PDF
How to Get Business Funding for Small Business Fast
Jake Thornhill
 
PDF
SIMNET Inc – 2023’s Most Trusted IT Services & Solution Provider
sidnik500
 
PDF
BsN 7th Sem Course GridNNNNNNNN CCN.pdf
ZAMANYousufzai1
 
PPTX
5 Stages of group development guide.pptx
keerthanashanmugam201
 
PDF
A Brief Introduction About Julia Allison
Julia Allison
 
PPT
340036916-American-Literature-Literary-Period-Overview.ppt
carinaherdiles611
 
PDF
Training And Development of Employee .pdf
nivethavm864
 
PPT
Data mining for business intelligence ch04 sharda
salmaalsaeed3
 
PDF
Unit 1 Cost Accounting - Cost sheet
MANJU N
 
PPT
Chapter four Project-Preparation material
argachewbochena1
 
PDF
IFRS Notes in your pocket for study all the time
jjj81507
 
PPTX
job Avenue by vinith.pptxvnbvnvnvbnvbnbmnbmbh
kaniece
 
PDF
Ôn tập tiếng anh trong kinh doanh nâng cao
thaoonguyenn2311
 
PDF
How to Get Funding for Your Trucking Business
Jake Thornhill
 
PPTX
Principles of Marketing, Industrial, Consumers,
efranciscaantoinette
 
PPTX
Lecture (1)-Introduction.pptx business communication
HamzaGhani10
 
PDF
Business model innovation report 2022.pdf
pradvapal
 
PDF
DOC-20250806-WA0002._20250806_112011_0000.pdf
dhanusriss08
 
DOCX
unit 2 cost accounting- Tender and Quotation & Reconciliation Statement
MANJU N
 
PDF
Stem Cell Market Report | Trends, Growth & Forecast 2025-2034
Claight Corporation
 
How to Get Business Funding for Small Business Fast
Jake Thornhill
 
SIMNET Inc – 2023’s Most Trusted IT Services & Solution Provider
sidnik500
 
BsN 7th Sem Course GridNNNNNNNN CCN.pdf
ZAMANYousufzai1
 
5 Stages of group development guide.pptx
keerthanashanmugam201
 
A Brief Introduction About Julia Allison
Julia Allison
 
340036916-American-Literature-Literary-Period-Overview.ppt
carinaherdiles611
 
Training And Development of Employee .pdf
nivethavm864
 
Data mining for business intelligence ch04 sharda
salmaalsaeed3
 
Unit 1 Cost Accounting - Cost sheet
MANJU N
 
Chapter four Project-Preparation material
argachewbochena1
 
IFRS Notes in your pocket for study all the time
jjj81507
 
job Avenue by vinith.pptxvnbvnvnvbnvbnbmnbmbh
kaniece
 
Ôn tập tiếng anh trong kinh doanh nâng cao
thaoonguyenn2311
 
How to Get Funding for Your Trucking Business
Jake Thornhill
 
Principles of Marketing, Industrial, Consumers,
efranciscaantoinette
 
Lecture (1)-Introduction.pptx business communication
HamzaGhani10
 
Business model innovation report 2022.pdf
pradvapal
 
DOC-20250806-WA0002._20250806_112011_0000.pdf
dhanusriss08
 
unit 2 cost accounting- Tender and Quotation & Reconciliation Statement
MANJU N
 
Stem Cell Market Report | Trends, Growth & Forecast 2025-2034
Claight Corporation
 

Securing Your Small Business Network

  • 1. Securing Your Small Business Network
  • 2. Introduction Types of Online Risks Small Business Network Vulnerabilities Calculating the Impact Recommended Security Practices Overview of Symantec Solutions Agenda 1 2 3 4 5 6
  • 3. The Internet Has Changed Business Forever Turn back the clock 10 years… Did you have an email address? Web access? A Web site? The Internet has redefined business dynamics 48% of small businesses in the U.S. have Web sites 163 million Americans have an email address 185 million Americans use the Internet The good news is that you can: Gather information more quickly Increase communications with your customers/vendors Transact business more efficiently Sources: Pew Internet Survey 2004, Computer Industry Almanac, 2004 Kelsey Group, 2004
  • 4. The Bad News: Computer Security Risks Did you realize that you open your business to potential risk whenever you… Download something from the Web? Open an email attachment? Leave your computers connected to a broadband connection? Insert removable media (CD-ROM, DVD-ROM, flash drive) into one of your business’s computers? Access the Internet wirelessly? Let a guest user onto your business network? The security of your business is up to YOU!
  • 5. The Impact of Poor Security Over $11 billion in damages worldwide Between just a few months: Feb. 2004 and May 2004 From just MyDoom, Netsky, Bagel, and Sasser virus outbreaks Source: Computer Economics, Inc. June 2004
  • 6. The Impact of Poor Security U.S. CSI/FBI Survey (among 269 respondents) * Estimated total loss of $141 million due to virus outbreaks in 2003 19% in small businesses with <100 employees $524K average loss per respondent Attack types and percent experiencing them Virus outbreaks 78% Internal abuse of Web access 59% System penetration 39% An estimated 57MM Americans have received emails from “phishers” (Gartner, May 2004 survey) Cost of phishing attacks to U.S. banks in 2003 $1.2b (Symantec) * Source: CSI/FBI Computer Crime and Security Survey, 2004
  • 7. What Are You Up Against? Types of Risks Malicious Code Worms, Viruses, Trojan Horses Hackers Information theft/Privacy Violations, Spyware, Phishing, Denial of Service, Application Vulnerabilities Time Wasters Adware, Spam Email, Popup Ads, Data Loss
  • 8. What Are You Up Against? Malicious Code Virus A malicious program that attacks PCs and Macs by infecting other files on the computer Worm A malicious program designed to spread itself to as many other computers as possible via the Internet, sometimes taking over the victim’s email address book Trojan Horse A malicious program that pretends to be a useful or friendly program, such as a screen saver, game or other type of utility Source: SecurityFocus The “Blaster” worm alone inflicted $1.3 billion in damage to U.S. Businesses in 2003
  • 9. What Are You Up Against? Hackers Privacy Violations Intrusions into your business’s computer systems for personal information belonging to you, your company or your customers, often credit card numbers Spyware Small applications that monitor your Web usage and report it to a marketing service Key stroke loggers that capture data and steal passwords Phishing Fraudulent schemes in which a hacker pretends to be a legitimate company or authority to get you to reveal personal information willingly Denial of Service An attack that ties up a Web server so that your customers, vendors, and partners can’t access your site Source: CSI/FBI Computer Crime and Security Survey, 2004 70% of businesses reported at least one security breach from external sources this year
  • 10. What Are You Up Against? Time Wasters Adware Software that displays banner ads even when the host computer is not connected to the Internet Spam, Popup Ads Spam email: unsolicited email, often sent under false pretences Popup Ads: ads that open in a new browser window on top of the Web page you were viewing Source: Symantec/Brightmail, 2004 As much as 65% of all email traffic in 2004 is spam
  • 11. Evolution of Virus/Worm Threats We’ve reached an inflection point where the latest threats now spread orders of magnitude faster than our ability to respond with traditional technology months days hrs mins secs Contagion Period 1990 Time 2005 Program Viruses Macro Viruses E-mail Worms Network Worms Flash Worms Contagion Period
  • 12. Threat Sophistication Code Red doubled its infection rate every 37 minutes. Slammer doubled every 8.5 seconds, and infected 90% of unprotected servers in 10 minutes! At its peak, 1 out of every 12 emails was infected with MyDoom! Blaster razed networks just 27 days after the vulnerability was publicly disclosed!
  • 14. Understanding Your Vulnerabilities File Server / Mail Server
  • 17. Calculating the Impact on Your Business How to calculate the cost of a virus infecting your network and damaging your information List the number employees in your business Calculate an average hourly compensation per employee Think about what files and work might need to be re-created after a loss: customer database, client reports, project files, and schedules, contracts, etc. Estimate the amount of time required to re-create lost databases, financial files, and other work per employee Multiply the time required by the number of employees affected by the average hourly compensation This is the cost of one virus damaging desktop files one time only – It doesn’t include the cost to have your software or hardware professionally repaired or replaced.
  • 18. Calculating the Impact on Your Business $10,500 Annual Cost to Business ($875/person x 12 = $10,500 ) $875 Annual Cost to Business / Worker ( 35 hours x $25/hr = $875 ) 35 hours Total Annual Hours / Person ( 20 + 15 = 35 ) 15 hours Viruses: Annual Downtime / Person 20 hours Spam: Minutes Each Day / Person: 5 Hours Each Year / Person: 5 x 4 = 20 $25.00/hour Average Hourly Wage 12 Number of Employees
  • 19. Recommended Security Practices Prevent infection with antivirus software Install antivirus on all desktops, laptops, and servers Check for virus definitions daily or set for automatic updates Stop intruders with a firewall Use a firewall on all desktops, laptops, and servers Stay on top of security updates Deploy security patches and fixes as soon as they are available Use the latest operating system versions Create strong passwords and change them frequently Don’t allow Web browsers to remember passwords/private data Open email responsibly Scrutinize attachments before opening them; avoid ones with unusual extensions Don’t open or reply to unsolicited mail
  • 20. Recommended Security Practices, cont. Browse the Web with caution Don’t ever give personal information to a Web site unless you see a small padlock or key icon in the browser’s toolbar Don’t type confidential information in Instant Messaging/Chat programs Back up regularly Back up vital data daily and store critical backups offsite Make remote connections secure Require remote users to use antivirus and firewall software Use a Virtual Private Network (VPN) Lock down wireless networks Install a firewall at the wireless access point Ensure the physical security of your equipment Never leave wireless devices unattended Use the screen locking feature when you leave your computer
  • 21. Symantec Small Business Product Line Desktop and Server Protection Desktop Protection Point Products Suites/Integrated Additional Tier
  • 22. Who is Symantec? Global leader in information security #1 global leader in antivirus and antispam software* Offers a broad range of software, appliances, and services for: Home and home office Small and mid-sized businesses Large enterprises Operating in over 35 countries worldwide Insight from monitoring a sensor network of more than 20,000 corporate customers, and millions of personal PCs * * Sources: IDC – Secure Content Management 2004-2008 Forecast Update and 2003 Vendor Shares; Aug 2004 Worldwide Antispam Solutions 2004-2008 Forecast and 2003 Vendor Shares December 2004
  • 23. Thank You Questions and Answers

Editor's Notes

  • #2: Welcome the audience and thank them for coming. Introduce self. Briefly overview what the presentation is about (“How big a problem is Internet security for your business and what you can do about it.”) GENERAL NOTES: Text in double quotes (“text”) are suggested wordings for delivering the information on the slide. Text in square brackets ([text]) are stage directions and not meant to be repeated aloud.
  • #3: Before starting the introduction – get to know your audience by asking the following questions: Size How many have 1-5 employees? How many have 6-10 employees? How many have 10-20 employees? Greater than 20 employees? No employees? Size of computer network? How many of you have computers connected on a network? Have a file server and/or an email server? How many of you have a wireless network? A virtual private network? How many of you either work remotely or have employees who work remotely, and exchange files with onsite employees? What did you come here to learn about today – any specific concerns that we should address as we go through the presentation? Deirdre – will write down the list as you go….
  • #4: “ Raise your hands if you had an e-mail address in 1995.” “ Now, keep your hands raised if you had web access in 1995.” “ Now, keep your hands raised if you had a business website in 1995.” [Comment on how few hands are up.] [Continue by reading off the figures for current email addresses, web use, and business websites.] “ The Internet has changed business dynamics forever .”
  • #5: “ I don’t have to tell you that computer security Risks are on the rise, but here are some ways that you might not have known can lead to security problems.” [read down list] “ With all these risks, the security of your business is up to YOU.”
  • #6: (Hesham – all this content is from the report including the reasons why these assaults are so costly.) Since August 2003, 4 of the top 5 most financially damaging assaults have occurred. Why? Continual sophistication of malicious code Use of blended attack methods Volume of new attacks increasing Organizations lack of security
  • #8: “ One important thing to understand is that there are many different kinds of Risks out there. Let’s break these Riskss into three categories: Malicious code, Hackers, and Time wasters. We’ll define each of these some more.” [read list]
  • #9: “Malicious code can take one of three forms, a virus, a worm or a Trojan horse” [Read definitions for each] Sharing Experience from the audience
  • #10: “We all know about hackers from the news media. Here are some of the things they can do to a business.” [read list and definitions] Sharing Experience from the audience
  • #11: “Finally, there are time wasters. These may seem trivial, but we’ll discuss in a moment why you should guard against these just as you would malicious code or hackers.” [read list and definitions] Sharing Experience from the audience
  • #12: This graph shows (a) the evolution of computer virus/worm threats with respect to their speed of replication (blue line) and (b) the evolution of antivirus technology with respect to the speed of response (red line). The horizontal axis is measured in years, from 1990 to 2005. The vertical axis actually shows two different sets of times (both have the same time scale as indicated on the left-axis). The left vertical axis (blue text), shows how long it takes for a malicious code to reach “contagion” status, where it has infected a critical number of the vulnerable machines. The right vertical axis shows how long it takes to provide a signature for a malicious threat. CLICK : You can see how malicious code has evolved from slow-spreading program viruses to ultra-fast spreading flash worms. The point at which the curve drops sharply, between network worms and flash worms, is the inflection point where these threats can no longer be adequately prevented with traditional security technology.
  • #13: Here was have some statistics showing how the rate of spread of computer worms has grown. The high-profile Code Red threat, released in mid-2001, doubled its infection rate every 37 minutes. Less than two years later, the Slammer worm, released in January of 2003, doubled its infection rate every 8.5 seconds! At this rate, Slammer was able to infect 90% of unprotected servers across the Internet in just 10 minutes. Many of the fastest-spreading threats exploit known vulnerabilities or “holes” in the operating system which have been publicly announced. The time between the announcement of a known vulnerability and the release of a threat targeting that vulnerability is also diminishing. During the summer of 2003, the Blaster threat was released just 27 days after the associated vulnerability was announced, the shortest such time period ever. As this time period shrinks in the future, industry’s ability to respond will be increasingly difficult. Finally, the recent MyDoom worm infected email systems across the world – at its peak, 1 out of every 12 emails on the Internet carried MyDoom. Clearly, the newest threats are spreading orders of magnitude too fast for any response-based security mechanism to stop. And the threats of the future could make even Slammer seem slow by comparison. We need to find fundamentally new ways to stop the bullet. Code Red, Slammer references:http://news.com.com/2009-1001-983540.html Blaster reference: Symantec Internet Security Threat Report MyDoom reference: http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci946423,00.html
  • #20: “Now let’s talk about some simple, effective measures that you can take right now. We’ll start with some security software ideas.” “We’ve talked about antivirus software. But have you put it on all of your computers? Even one unprotected computer can cause problems. Have you checked for new virus definitions--these are profiles of new and evolving viruses--lately? You should do it daily or have the automatic update setting on. You should also scan the system weekly.” “As we mentioned previously, firewall software should go up not only on your router, but also on each desktop, laptop, and server. You may also want to think about a firewall hardware or “appliance”: some firewall appliances also contain other helpful security features, such as VPN or intrusion detection.” “Keep an eye out for security updates for software that you have installed. You need to install patches and fixes ASAP. Also use the latest operating systems for all of your equipment. The latest systems tend to get the most updates and are usually the most virus-resistant to begin with.” “In addition to addressing software, you should be thinking about how you handle computer security.” “You should use strong passwords for password-protected data. By strong passwords, I mean passwords with at least eight characters including letters, numbers, and symbols like the dollar sign or percent symbol.” “Also, be careful when you open your e-mail If you use Microsoft Outlook, Outlook Express or some other programs, you should disable the preview pane that shows you what’s in the e-mail before you open it.” “Before you open an attachment, even if it’s from a known source, think about it. Does the attachment have a strange extension, those three letters AFTER the period? Don’t open it, ESPECIALLY if the extension is EXE. This is an application. Unless you know EXACTLY what this application does, it could cause a lot of problems.” “Don’t open junk mail. This is a common method of intrusion.” “If you open an unsolicited email and it offers you a link to unsubscribe, DON’T. That’s often a trick that hackers use to determine if they’ve reached a valid e-mail address.” “Some of you may have heard recent news reports about phishing. This is when a hacker poses as a legitimate company, such as your bank. They ask you for personal information such as your social security number. If you get a request for personal information from a legitimate company, we encourage you to call them and see if they sent the message.”
  • #21: “Some more security practices.” “Be careful when you surf. Enable the security settings in your browser. In Microsoft Internet Explorer, there’s an item labeled ‘Internet Options’ on the ‘Tools’ menu. Set your browser to a high security setting.” “Don’t give up personal information to a website unless you see that the site is encrypted. Look for a small padlock or key icon in the browser’s toolbar.” “Don’t click on pop-up ads.” “Make sure you back up your data. For really critical data, back it up daily, whether to a CD-ROM or DVD-ROM or some kind of tape system.” “Lastly, back up other data on a regular basis so that if trouble happens, you’ll be able to keep on going with a minimum of disruption.” “As we said, remote and wireless connections are especially vulnerable. Here are some things you can do to minimize risk.” “For people who connect to the office network from the outside, require the use of VPN, a Virtual Private Network. With a VPN, hackers can’t exploit a hole in network.” “Your remote users should be using antivirus software and personal firewall software on their machines as well. You might want to require that they have these set up before you grant them remote access.” “You can also use a VPN to secure the connection between the wireless and wired network.” “That wired router may require a firewall of its own.” “For encryption, enable the wireless security protocol. WPA is currently the security standard and we recommend using it. The old standard, WEP, is not nearly as secure. Try to use WPA.” “Again, wireless access should require a strong password.” “One thing that certainly hasn’t changed with the times is good, old-fashioned theft. People can still walk off with equipment if it isn’t bolted down, so make sure that you secure portable electronics with cable locks and don’t leave them unattended.” “Most operating systems give you the option of locking the screen when you walk away and requiring a password to get back in. We recommend using that feature.” “Keep track of who has keys or access to equipment.” “Remember those back-ups we suggested you make? Keep ‘em offsite in a secure location.” “Lastly, a burglar alarm for your business is often a good idea.”
  • #23: “Thanks so much for attending this presentation.”