As for the firewall, Zone Alarm is okay, but there should be a hardware device such as LinkSys to filter out the port scans and other nasty Internet traffic before it gets into the network or building. I recommend a real firewall such as one by CyberGuard (www.cyberguard.com), who's products are just as good or better than the high cost market today (www.checkpoint.com). I know a real firewall may be cost prohibited, that is why the first step should be the Linksys for starting to secure the network.
The changes I have are relatively cheap compared to being hacked. Ensure you have McAfee on all machines and the settings are consistent across the company. Update those signatures on a weekly basis. Get at least a cheaper firewall to filter out the malicious hacker stuff. An advanced Linksys will do the trick to start, but the company should invest in a decent firewall. If you can afford the price, check into a local security company to see if they will do a free evaluation of your company.
Finally, remember, Information Technology costs money to run and keep secure. Information Security will keep your name off the headlines of the local paper if you are hacked. Reputation is more important!
For more information on this topic, visit these other SearchSecurity resources:
News & Analysis: Firewalls: How to choose what's right for you
News & Analysis: Multiple antivirus products provide security cushion
Virus Prevention Tip: Tips for the Exchange administrator on protection from malware
This was first published in July 2002