As a parent, I fight a constant battle with my daughter about whether she is dressed appropriately for the day’s weather conditions. Even though we are making slow progress as she matures and is starting to apply experiential learning to her decisions, there’s still a lot of back and forth, “This jacket will be too hot later, but this sweater is not warm enough now,” and then she forgets to bring either one as we rush out the door for school. This interchange is strikingly similar to exchanges I have with some of my clients who, while being mature, successful business professionals, are still learning how to prepare for the digital equivalent of bad weather. Fortunately for them, you can tackle it like you would approach cold weather – handle it in layers.
Whatchu’ talkin’ ’bout, Woo?
Unlike the weather, computer security isn’t likely to “warm up” anytime soon, so you’d better bundle up. Here’s how you should be layered:
- Layer 1: Workstation antivirus – Never turn it off, never remove it. Also note that using multiple antivirus applications is never recommended. More does not equal better in this case. It’s like wearing two pairs of pants – you can do it, but it’s definitely going to slow you down and going to be very uncomfortable. In the case of a computer, it might even prevent either product from working effectively.
- Layer 2: Workstation antimalware – Not always the same as “Layer 1”. Some products handle both, such as Webroot’s SecureAnywhere which we use for our clients. Some, like Malwarebytes or Microsoft’s Defender, are meant to be used in concert with an antivirus product. The lines are blurring between viruses and malware, but these products typically focus on adware, spyware and software not considered malicious, but of questionable utility or intent.
- Layer 3: Workstation firewall – Even if your computer is behind a perimeter firewall, having a computer firewall in place can provide extra protection, and if it’s programmed properly, it will rarely interfere with regular operations. Some products like SecureAnywhere include their own firewall, but even Microsoft’s built-in firewall is better than nothing.
- Layer 4: Perimeter firewall – This typically resides between your computer and the internet. Most routers provided by ISPs include a basic firewall, which again, is better than nothing, but a professionally managed and maintained, dedicated firewall is like the difference between a wall made of wood and one made of steel. Also be aware that most store-bought routers with firewalls typically don’t include the next 2 layers, primarily because they are targeted for consumer use, not business.
- Layer 5: Gateway antivirus/antimalware – Though not as commonplace in the SMB market, firewalls with built-in antivirus can scan and quarantine inbound (and outbound) malware as users behind the firewall come across it in their internet wanderings.
- Layer 6: Gateway Intrusion Detection/Protection services – Often found alongside gateway antivirus, IDS/IPS will actively protect your network against focused attacks by looking for well-known attack vectors and patterns and blocking them as they are aimed at your network.
- Layer 7: Email server spam and virus filtering – Even if you don’t have Layers 5 and 6, you should definitely have this layer. Due to the nature of how email is delivered and accessed, it’s often possible to sneak malware right by the other layers via an email attachment, and as many of you have personally experienced, this is the digital equivalent of the Trojan Horse. Catching malware before it even gets anywhere near your network is nigh as important as Layer 1.
Don’t wait for the security weather front to clear – this storm is nowhere near spent. If your environment is properly geared to survive a long, dark winter, your business can look forward to a warm, bright future.