|
 |
Half of Small to Mid-Size Companies Are Targets for Web Attacks STAMFORD, Conn., Oct. 11, 2000 (SmartPros) By 2003, half of small to mid-size enterprises that manage their own network security and use the Web for more than e-mail will experience an Internet attack. According to the Gartner Group, a provider of business technology research, over the next three years half of small and mid-size enterprises with weak network security will fall prey to Web hackers and computer viruses. And more than 60 percent of those hit will be unaware of the attack. "With small and mid-size enterprises doing more business on the Internet, their networks are exposed to security breaches," said James Browning, a Gartner research director. "Defensive action is required to protect the enterprise from unauthorized and malicious users." The Gartner Group explained that small to mid-size enterprises usually cannot afford or do not attract personnel who have security experience, which results in poor server management. Furthermore, these companies may use regional Internet service providers that provide unknown levels of security, putting the businesses at risk. How can these smaller enterprises protect themselves? The Gartner Group offers four steps to strengthen network security. Do a security checkup, said the Gartner Group. Those connected to the Internet should consider contracting with a security firm to conduct an audit and risk assessment of their networks. It should include an internal network security audit and an external penetration test. That should take place whenever a company makes major changes to its Web site or firewall, and at a minimum of once a year. Ensuring that a proper firewall is installed is crucial, the Group explained. Businesses should focus on firewall appliances that provide a base level of security without requiring detailed security knowledge. Request quotes for managed firewall and intrusion detection services from Internet service providers. Those types of services usually cost less than the equivalent salary of a half-time firewall administrator. Also, scanning incoming e-mail for viruses is a key security measure. Companies can use either desktop or server-side antiviral protection and should take immediate action to purge the entry of spam mail, Gartner said. Businesses that provide dial-in access to e-mail and other enterprise systems should eliminate desktop modems and use consolidated modem pools and remote access servers. And companies should require the use of hardware tokens to authenticate remote users, the Group added. According to Gartner, those four security measures will protect more than two-thirds of small to mid-size companies with Web connections. Businesses that handle more highly sensitive data -- such as law firms, regional banks, independent insurance agencies, and state and local government agencies -- should plan for additional precautions or outsource their security operations to an experienced service provider, Gartner advised. -- SmartPros News Staff Send comments to information@smartpros.com |
|
|
|||||||
|
||||||||||
|
|
||||||||||
|
||||||||||
