Jane Applegate—Protecting Against Computer Viruses a Wise Investment

0

Your computer network may have been spared by the most recent “Code Red” virus, but don’t think because you are small, you aren’t vulnerable to a crippling security breach or nasty virus.

The current scourge, “Sir Cam,” has been assaulting e-mail systems for the past two weeks. United Kingdom-based Message Labs Inc., which provides e-mail filtering services worldwide, has intercepted 10,000 “Sir Cam” messages a day being sent to its 500,000 subscribers, according to Andy Faris, President of Message Labs (United States) located in Minneapolis, Minn. In most cases, several messages a day from different people appear to be messages sent by a friend needing “help.” The “Sir Cam” virus can delete files and forward confidential company information to unwitting recipients, Faris said.

“This problem isn’t going away,” said Faris. “The hackers are getting more malicious and more clever. Traditional security measures aren’t working anymore, so you have to step up your vigilance and improve security.”

If you think these viruses are just nuisances, check out the damage estimates.

Last year’s Valentine’s “Love Letter” virus caused an estimated $2.6 billion in losses in 72 hours, according to industry analysts. In 1999, the “Love Bug” virus infected networks causing an estimated $10 billion in damage, while the “Melissa” virus cost another $393 million in 2001. The widespread “Anna Kournikova” virus also caused big expensive headaches around the world.


Security review urged

“I would suggest that all companies, big and small, do a thorough review of its security,” said Faris, whose company offers the e-mail filtering services for about $2.50 per user per month with a one-year contract (www.messagelabs.com).

If a mysterious hacker isn’t trying to shut down your Web site, a disgruntled former employee could be. Doing things as simple as changing system passwords frequently can prevent a major security breach.

“If a business owner doesn’t take proactive steps to make sure their information is secured, it’s the equivalent of putting their secrets out on the front doorstep when they go home at night,” said Robert Lonadier, director of security strategies for the Hurwitz Group in Framingham, Mass.

“The typical hacker is a bored teenager with a modem and access to news groups,” said Lonadier. “Data in transit (e-mail) and data at rest (company files), financial information and customer files need to be protected in some manner, otherwise, the safe bet is that it will find its way into the wrong hands.”

Lonadier said lax password security results from sharing passwords or scribbling them on sticky notes and sticking them on computers or inside desk drawers.

“It’s amazing how common sense gets ignored when it comes to security issues,” said Lonadier.

He recommends that every business owner spend 15 minutes making a detailed list of critical information assets. Figure out who really needs access to specific information and then limit access to everyone else. Keep close tabs on who has access to financial and other confidential information. Think twice about e-mailing confidential documents and contracts. Faxing or mailing them is safer.

“People get lulled into the convenience of the electronic medium without thinking through the implication of having (sensitive) documents travel through cyberspace,” said Lonadier.


Easy password fix

To immediately increase password security, he recommends including one uppercase letter in your password. This is a very simple and effective tool against hackers.

“If you have the computer equivalent of locks on your doors and a “Club” on your car, the casual hacker may be turned away,” he said.

Another problem is the push to open your computer systems and Web site to your customers. If a legitimate customer is given a password to go online to check order status 24 hours a day, a hacker has an open door to dig deeper into your computer system.

“With large numbers of computer systems being interconnected front end to back end, there is an opportunity for errors and vulnerability,” said Lonadier.

Security experts warn against posting too much personal information about your executives on your Web site. If you tell the world your chief information officer has three kids, loves to jog and lives in San Jose, he or she is vulnerable to being contacted or threatened by a computer criminal.

Experts say your confidential information is most vulnerable when you send it over the Internet in the form of e-mail. Currently, 10 million e-mail messages are sent around the world every day, and the number is expected to grow to 35 million messages a day in the next five years, according to Accenture, a high-tech consulting firm.

Jane Applegate is the author of “201 Great Ideas for Your Small Business,” and is CEO of SBTV.com, a multimedia site providing small-business resources. She can be contacted via e-mail at [email protected], or by mail at P.O. Box 768, Pelham, NY 10803.

No posts to display