Small businesses often find themselves in the unenviable position of not having IT employees who are trained in security matters. This leaves them vulnerable to hackers, who may exploit weaknesses that would have been immediately obvious to someone in the know.
Today, I want to highlight some recurrent mistakes that I see being made by SMBs. If they apply to your organization, acting on my recommendations should bolster its overall security.
Use WPA or WPA2 encryption for Wi-Fi
Because wireless signals are omnidirectional, they need encryption to prevent other computers from listening in. A number of schemes have been developed for Wi-Fi encryption over the years, namely WEP, WEP 2, WPA and WPA2. In a nutshell, the WEP and WEP 2 protocols are trivial to crack with freely available tools, and even WPA with the TKIP algorithm is considered weak.
As such, only WPA with the AES algorithm and the WPA2 protocol should still be used today. Moreover, it is highly recommended that businesses use a passcode that is longer than the minimum 8-character requirement; at least 20 characters would be ideal.
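These recommendations can be checked mechanically. The following Python script is an added example, not part of the original article: it audits an access-point configuration written in hostapd.conf syntax against the rules above (no WEP, no TKIP, passcode of at least 20 characters). The choice of hostapd, the sample configs and the function names are assumptions made for illustration.

```python
MIN_PASSPHRASE_LEN = 20  # the article's suggestion; WPA itself only requires 8

# Constructed sample configs in hostapd.conf syntax (not from the article).
WEAK_CONF = """ssid=office
wpa=1
wpa_key_mgmt=WPA-PSK
wpa_pairwise=TKIP
wpa_passphrase=acme2012
"""
STRONG_CONF = """ssid=office
wpa=2
wpa_key_mgmt=WPA-PSK
rsn_pairwise=CCMP
wpa_passphrase=constructed-sample-passphrase-0001
"""

def parse_conf(text):
    """Parse 'key=value' lines, skipping blanks and '#' comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, value = line.split("=", 1)
            conf[key.strip()] = value.strip()
    return conf

def audit(text):
    """Return a list of findings; an empty list means the config passes."""
    conf = parse_conf(text)
    findings = []
    wpa = int(conf.get("wpa", "0"))  # bitfield: 1 = WPA, 2 = WPA2, 3 = both
    if any(key.startswith("wep_key") for key in conf):
        findings.append("WEP key configured")
    if wpa == 0:
        findings.append("WPA/WPA2 not enabled")
    # hostapd defaults: wpa_pairwise is TKIP; rsn_pairwise inherits wpa_pairwise.
    wpa_ciphers = conf.get("wpa_pairwise", "TKIP").split()
    rsn_ciphers = conf.get("rsn_pairwise", " ".join(wpa_ciphers)).split()
    if (wpa & 1 and "TKIP" in wpa_ciphers) or (wpa & 2 and "TKIP" in rsn_ciphers):
        findings.append("TKIP allowed; permit only CCMP (AES)")
    passphrase = conf.get("wpa_passphrase")
    if passphrase is not None and len(passphrase) < MIN_PASSPHRASE_LEN:
        findings.append(f"passphrase is {len(passphrase)} characters; use at least {MIN_PASSPHRASE_LEN}")
    return findings

if __name__ == "__main__":
    for name, text in (("weak", WEAK_CONF), ("strong", STRONG_CONF)):
        print(name, audit(text) or "OK")
```

Note that a WPA2 config which sets no cipher at all is also flagged, because hostapd then falls back to its TKIP default.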
I have written extensively on the topic of deploying and harnessing Wi-Fi in my SMB Tech blog due to the pivotal role of wireless networking in BYOD (bring your own device). Two recent posts about wireless networking that you may want to read are "Why it makes sense for SMBs to deploy 802.11n Wi-Fi" and "Upgrading your Wi-Fi network to 802.11n."
Insist on two-factor authentication for Internet banking
The number of financial institutions yet to implement proper two-factor authentication never fails to amaze me.
At a time when one can purchase automated off-the-shelf malware toolkits designed to circumvent certain two-factor implementations, SMBs should not even consider using the Internet banking facilities of a bank that doesn’t offer a second-factor passcode delivered using a hardware token or as a text message.
Check out my post "Three online banking tips for SMBs" for more information on this front.
Switch away from Windows XP
If you still have desktops that run Windows XP in your SMB, it is high time to plan for their retirement. The reason is simple: Windows XP will exit all support when it receives its final security update on April 8, 2014.
That’s less than 18 months from now, which isn’t a lot of time for figuring out how to replace those cryptic in-house applications that will only run on Windows XP and for which the original source code has long been lost. Even if that’s not the case, you should still consider switching Windows XP off permanently, because its security features are poor compared with those of Windows 7 and Windows 8.