As a small business owner, I often find myself having some of my most productive time on Friday afternoons. My clients have gone home for the weekend, my staff members are wrapping up their week’s work and completing their timesheets. I’ve got a few hours of time to myself to get things done. Dinner time rolls around and I’m inevitably the last one out of the office, shutting off the lights and locking the door behind me.
What a lot of people don’t realize is that even once they’ve turned out those lights and locked that door, strangers might still be coming into their place of business.
Network Connections Are Like Doors
Just like a door, a network connection can let people into your business. If you have a firewall, your network connection probably looks more like a strong door with a mail slot. There’s a minimal amount of space open to the outside world, just to let a little bit of mail and web traffic in. Certainly not enough room for a person to fit through.
Unless that person is carrying a coat hanger. Unfold the coat hanger, reach it up to unlatch the deadbolt, pull the door handle, and now anyone can enter.
Likewise, your firewall isn’t enough to protect your network connection on its own. If there’s a vulnerability in that service you’ve exposed to the outside world through the “mail slot” – like your web server has some unpatched software, or your mail server is out dated – a person with the right tools can take advantage of that, and open up a door big enough to fit himself and all his friends inside your business.
Don’t think it’s realistic? After you finish reading this, run a quick internet search on the phrase “malware on my website”…
What About Doors You Didn’t Install?
Firewalls are an essential part of minimum viable security. Examples like this show that a firewall alone won’t protect a network. Even so, let’s assume you feel reasonably safe with your current network connections.
There are also the threats posed by network connections you don’t know about. I’m sure you’re asking how can I not know about a network connection? I’m paying for the only one.
First off, there’s the threat of rogue wireless access points. We’re working with a customer whose building is built so strongly, the wi-fi signal doesn’t work well in every office. The employees’ solution? Buy a $30 wireless access point, connect it to the ethernet cable in the conference room, and BAM! super fast wireless connectivity.
While it solved his immediate problem of no connectivity, his lack of experience with security created a new problem. There was no authentication or encryption on the hotspot, and now all the sensitive traffic shared in that conference room is being broadcast to people inside and outside the building.
There’s also the more advanced threat of devices such as the Pwn Plug. Looking like an innocent power adapter, anyone from a janitor to a florist could end up delivering one to your office, and exposing your inner-most secrets to the outside world.
Make Sure Those Doors Are Locked
If network connections are like doors, then it behooves you to have as few network connections as possible, and understand the connections very well.
Here are some actions that you can take by next Friday afternoon. The first two don’t take any special IT wizardry, but the second two might require some help from your IT or Security experts.
- Do a sweep for rogue wireless hotspots in your office. There are free apps for Android-based phones and tablets that can help.
- Google your company’s IP addresses – not names – to see if they appear in unsavory lists such as places to obtain malware or illegal credit cards.
- Ensure that all openings in your firewall lead to systems and software that are up-to-date and fully patched.
- Audit your network for other unauthorized connections that aren’t expected.
Then next Friday, you’ll be able to confidently enjoy your weekend, knowing the doors are safely locked up.