Q: Is a regular antivirus program good enough to protect my business computers? — Brad
A: Antivirus programs are just a small part of protecting yourself these days and using consumer grade protection may not be adequate, especially if what you do as a business is attractive to hackers.
Most consumers are victims of random acts of hacking, while businesses are much more likely to be targeted by cyber-thieves.
If your business consists of a single computer used by one or two people, you may be just fine. The more employees you have, the more important it is that you look at better protection/management tools.
Using consumer grade routers and security software in a business, especially if you work with sensitive data, will make it easier for a targeted attacker to compromise your network because there will be fewer hoops to jump through.
Most hackers will use traditional social engineering tactics to trick one of your employees into allowing a malware agent to get installed. Once they infect any computer on your network, they can setup backdoors and start infiltrating whatever they want.
With this in mind, what you choose to install for protection and how you manage that protection is very important.
For instance, if you use consumer grade protection, someone must go to each computer on your network to make sure that it’s been updated on a regular basis. With a corporate antivirus program, an administrator has a dashboard that allows them to monitor updates from a single screen.
They can also “push” updates to all the systems to ensure that they are always updated without each user’s involvement.
One of the biggest reasons computers get infected is because the antivirus protection didn’t get updated, so leaving that in the hands of your employees isn’t a good strategy.
If you have servers on your network, you can’t protect them with consumer antivirus programs anyway, so be sure you look at your protection scheme as a whole network.
I strongly recommend that you use a single security software vendor for your entire network for both protection and management purposes.
We were recently asked by a small business to help them figure out why they were using excessive amounts of bandwidth (they got a notice from their Internet Service Provider) and it turned out to be multiple infected workstations on their network.
Seven of their computers were infected with malware that turned them into spam sending servers. They were all running one of three different free antivirus programs and all of them were up to date and claimed that the computers were clean when scanned.
The malware was able to side-step the antivirus programs because they convinced the users to click on or install something that was booby-trapped. A well-developed security plan for a business assumes that users will click on things that they shouldn’t and has provisions to mitigate this threat.
A solid corporate security software package will have many more controls over what users can and cannot do and will allow you to administrate your security choices along with your network operating system from a single desktop.
You can also easily see which users tend to have the most malware trapped by the system, meaning that examining their Internet surfing behavior may be in order.
If you allow your employees to bring their personal computers in and connect to your business network, make sure you include their machines in your security plans or they become the weakest link in your security chain.
• Ken Colburn is president of Data Doctors Computer Services and host of the Data Doctors Radio Program, noon Saturdays on KTAR 92.3 FM or at www.datadoctors.com/radio.