The media warns us that cybercriminals are learning how to automate attacks, making it easy for them to target hundreds, sometimes thousands of small companies in one fell swoop. These small and medium-sized businesses (SMBs) often have less sophisticated technological defenses, weaker knowledge of current threats, and less time and money to dedicate to cybersecurity. In theory, this makes them an easier target for hackers than large multinationals. According to an IBM study, businesses with less than 500 employees stand to lose on average $2.5 million in each attack.

Of course, that sounds like disturbing news, but it’s funny how you rarely hear about the many companies that run smoothly for years without any major security breaches! That’s why we urge clients to exercise vigilance without being too unnerved by the latest scare stories. If you’re confused about how to secure a business network, the good news is that there are several simple steps you can take to make your company network more robust. 

For business owners who are serious about hardening network security, the proper configuration of your wireless network is an essential task. Among IT professionals, the advantages of wireless network security have been self-evident for years, so we’ll start there. Then we will look into three other important actions:

• Strengthening your firewall
• Keeping software and firmware up-to-date
• Educating your employees on current threats.

Guard All Wireless Access Points

The first step is to protect all wireless access points (WAPs), which serve as connection points for any Wi-Fi-enabled device in your office. This is important because an unsecured connection point can be intercepted by hackers to access your network. It’s best to use an enterprise-grade router that allows for WPA2 encryption, which gives you the highest possible level of encryption and control. Keep it in a secure, locked cabinet if possible.

Come up with a unique Service Set Identifier (SSID) name and password. Hackers can easily get into your system if you use the default passwords — or indeed if you use obvious, commonly used SSID names like ‘admin.’ If you can, make a point of always using two-factor authentication (2FA), which demands an extra step to gain access instead of requiring just the one password.

Build and Reinforce Your Network Firewall

Firewalls are the first line of defense. They track all traffic and data entering or leaving a network, constantly scoping for any activity that violates its predefined settings. You can adjust the intensity of these based on your precise needs, and they can also be made to scale with your company's growth. In fact, the neat thing about firewalls is that they aren't just traffic police - they can alert you to breaches of your company's internet use policy and even outright block certain forms of content or specific websites.

You can go even further by installing a virtual private network (VPN), which allows you to log into your network and access the internet via an encrypted tunnel that conceals your data and activity from anyone trying to spy on you.

Keep Software and Firmware Updated

If your hardware, software, and apps become outdated, they can represent a security risk. The older the technology, the more likely it is that a hacker has identified its vulnerabilities. These weaknesses can be used to access, corrupt, or even steal a company’s data – as well as the customers. Updates can serve as a patch for these security flaws and close up any vulnerabilities. However, some software updates can’t be applied to older hardware.

In these instances, regular updates can help you to identify antiquated hardware that needs to be upgraded.

Get Your Employees Up to Speed on Cybersecurity Best Practices

A network’s security is only as strong as its weakest link. Unfortunately, the weakest link is often a poorly trained or clumsy employee. Nevertheless, employee errors are easily preventable — as long as they are educated on the risks and how to contain them. In 2020, phishing accounted for losses of $54 million and ransomware for $29.1 million (FBI’s Internet Crime Complaint Center).

 To tackle the phishing threat, advise your employees to refrain from clicking untrusted links from unknown sources, especially in emails. It’s helpful to know that the most common malicious attachment types are .doc and .dot (making up 37%), with the following highest .exe files at 19.5% (Symantec).

A recent report by Preempt found that 19% of enterprise professionals are still using easily guessed passwords or sharing passwords across accounts — make sure your people aren’t doing this. They should ensure that all their passwords are as strong as possible — longer, more unique, and trickier to guess. Also, they should avoid re-using WiFi passwords on multiple accounts or devices.

That pretty much wraps things up. These are just a few of the steps companies can take on their own to boost their internal network security. If the unthinkable happens and your data is stolen, there is only one action that can save you: making regular backups. At Symplicity, we recommend backing up your data every day — and if it’s extremely sensitive, you should consider storing it offsite in a flood-proof, fireproof, and locked facility!

There are other factors to consider, which we will study in future blog posts. One is the insider threat, which is where the benefits of endpoint security come into focus. But that’s for another day.

In the meantime, see our case study describing how RCS Secure helped a client to address their network security challenges. Please get in touch with Symplicity today if you would like to schedule an assessment.