Access your Pro+ Content below.
Lack of SMB security opens door to online criminals
This article is part of the June 2011 issue of Information Security magazine
Hello! I’m talking to you! Yes, you, the IT director or network manager at your average SMB. I have a message and hopefully you listen loud and clear: There are no weeds tall enough in which you can hide. There it is; said it. Your company’s relatively small size, which for so long led you to believe you A) were not in the crosshairs of hackers; and B) you processed and stored nothing of value that would interest a criminal operating on the Internet, is in fact just what the bad guys are pining for. They love small fish. They get a twinkle in their eye because they know you’re busy, under-staffed and barely have a network firewall configured properly, much less an incident response plan. Now we’re not talking Mom and Pop stores here. We’re talking, for example, franchises in a large restaurant chain left on their own to manage IT. Care to guess where IT security falls on the list of priorities for those franchises? We’re talking about relatively small operations, Level 3 and 4 PCI merchants for example, processing credit card ...
Features in this issue
In order to get the best results, you need to limit your goals for SIM.
The influx of personal smartphones and other computing devices into the enterprise is forcing a shift in security strategy.
An automated tool and mandates for continuous monitoring try to improve federal information security efforts.
Sony and other data breaches suggest need for data accountability, better configuration management.
Columns in this issue
Online criminals have smaller targets firmly in their crosshairs.
Banks and other businesses are rushing to jump on the mobility trend but leaving security behind.
Security expert and Information Security magazine columnist Marcus Ranum continues a new bimonthly feature where he goes one-on-one with a fellow security industry insider.