Get tough with your users to protect your network

Your company's biggest security threat is likely on your payroll. Here's how to keep workers from destroying your business

No one likes to be hated, but if you're running a small business, sometimes you've got to take security measures that will make your employees really angry. You might even have to (gasp) pull some PCs off the Internet, and treat some employees like, well, children.

Here's why:

No matter how hard you work, no matter how many security programs you install, the biggest threat doesn't come from outside the firewall. And it isn't from unpatched software and it doesn't come from buffer overflows, etc. Your own users are your biggest, albeit unwitting, enemy.

"If all software had 0 exploits, it wouldn't drastically change the amount of successful hacking," says security Roger Grimes, a security pro and columnist. It's because the bad guys have elevated social engineering, the hack that takes advantage of a user's greed, lust or simply naivety, to open the gates to malware.

[Antivirus software and a firewall alone can't guarantee your safety. Here's how to foil the latest crop of sneaky attacks and nefarious attempts to steal your data.]

Grimes may be overstating the case a bit. Software exploits are serious and ever present.

But the modern hacker who wants to gain access to data that can be sold, knows that users can be tricked onto sites that are seeded with malware, says David Perry, global director of education for Trend Micro, whose global array of sensors (and information exchanges with other security vendors and customers) now detects an astonishing 100,000 samples of new malware a day.

And don't think that all sites infected with malware are XXX rated. By the beginning of 2009, the majority of poisoned sites were mainstream. In a typical attack, users of FoxNews.com were told they needed to install a new codec to watch clips on the site. Once installed, the "codec" was a malicious piece of code undetected by most defenses, Grimes recounts.

What you can do to secure your network

Perry suggests some distinctly unpleasant remedies for the small business.

The most draconian applies to computers that hold customer data, particularly credit card information. "If possible, take them off the Web," he says. Files don't have to be e-mailed internally. Assuming you've got a network, simply drag files from one directory to another without a browser.

Without being patronizing, employees need to be treated with some of the same concerns you might have for your children. You know the drill; tell them going to porn and gambling sites and so on will get them in serious trouble. Since they are adults, you might set up a PC in the break room that has Web access but is not on your network. They may waste time on it, but it won't endanger your firm's security.

You've got to be in control of your network. Trend Micro's Internet Security Package, for example, let's you set security policies for every computer on your network with a simple stratagem: Install the product on PCs that need to be protected and when the program asks for a password, give each PC the same one. (To be clear, we don't mean a network password, but a password to the security program.)

When that's accomplished, one person can block sites and set security policies for all PCs running the program. And if your employees don't know the password -- and they shouldn't -- they can't change the policies.

Your employees may get angry, but your business will be a lot safer. And that's a worthwhile tradeoff.

San Francisco journalist Bill Snyder writes frequently about business and technology. He welcomes your comments and suggestions. Reach him at bill.snyder@sbcglobal.net.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Bill Snyder

PC World (US online)
Show Comments

Cool Tech

SanDisk MicroSDXC™ for Nintendo® Switch™

Learn more >

Breitling Superocean Heritage Chronographe 44

Learn more >

Toys for Boys

Family Friendly

Panasonic 4K UHD Blu-Ray Player and Full HD Recorder with Netflix - UBT1GL-K

Learn more >

Stocking Stuffer

Razer DeathAdder Expert Ergonomic Gaming Mouse

Learn more >

Christmas Gift Guide

Click for more ›

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Walid Mikhael

Brother QL-820NWB Professional Label Printer

It’s easy to set up, it’s compact and quiet when printing and to top if off, the print quality is excellent. This is hands down the best printer I’ve used for printing labels.

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?