Regarding Website Security, leading newspapers in India carried an article on a small and medium enterprises being a victim of the recent WannaCry ransomware attack. The article also suggested that the entrepreneur negotiated to pay the ransom to get back his digital assets, before reporting it to the authorities.
Small and Medium Enterprises often work on limited budgets and investing a lot of money on cyber-security does not make business sense. This makes them vulnerable to opportunistic ransomware attacks that may even lead to bankruptcy or closure. Most small businesses may not have the personnel or the basic knowledge to tide over the rather harmless Scareware or Screen-Lockers. Seven in 10 of the cyber break-ins reported in Verizon’s 2012 Data Breach Investigations Report occurred at organizations with less than 100 employees. Investing a little time, due-diligence can easily help small companies in protecting their cyber data.
It is heartening to know that, not all Website Security measures come with an exorbitant price tag. We live in a world of open-source technologies that offer important things (read a lot of good things) for free. Even companies with absolutely no technology staff can use free tools available on the World Wide Web to protect their networks and data.
Browsers have been at the forefront of enabling you to identify and plug leaks. Take for example Qualys, Firefox, and Browserscope. Qualys’ BrowserCheck throws a report of recommended fixes and links to relevant pages as soon as you hit the ‘scan’ button. Firefox plug-in checks and gives you a detailed report of your add-on browser software. If one of your favorite plug-ins is no longer supported, it is advisable to get rid of it. Browserscope runs an even deeper analysis to inform you of your browser’s vulnerabilities and compares the results to all the scans from users who have used the tool.
From a customers’ perspective, if you are a website that collects and stores customer information, it is your responsibility to protect consumer data. To maintain consumer trust, the website should get its SSL certification from a diligent Certifying Authority. Free open-source software TrueCrypt is available for Windows, Mac and Linux machines and can be used to secure data on thumb drives and other storage devices.
Web-filtering is also a very potent way of protecting your assets from Phishing scams. OpenDNS offers a free, cloud-based web filtering product that can protect a single PC or mobile device, or an entire network, from known phishing sites. This will protect you and your employees from phishing for free!
No matter how small the network is, it is vulnerable to attack. To protect your network you have to firt perform diagnostics to ascertain the loop-holes that need to be fixed. Lumension Security, offers a free vulnerability scanner for checking networks of 25 or fewer computers.
It can identify software vulnerabilities and misconfigurations that could put you at risk. Qualys, besides offering a free browser safety report, also offers FreeScan, a free tool for that scans five users to detect security vulnerabilities in Web applications and finding malware infections and threats in websites. For a little complex set-up with some technical support staff, organizations can use Security Onion, for intrusion detection and network monitoring.
Protecting your Computer from Cyber-attacks is the easiest. Popular OS vendors provide upgradable security features that are efficient enough to protect you from the malicious intents. Though basic firewalls are free they can be easily broken and thus there is a need for downloadable Anti-virus software. AVG and Microsoft’s Security essentials are offer basic protection against viruses for 10 or fewer computers. The thumb-rule with all firewalls and anti-virus software is they need to be updated regularly.
For more information on website security visit www.https.in