5 Classes of IT Security Tools a Small Business Needs in Its Arsenal

This post was published on the now-closed HuffPost Contributor platform. Contributors control their own work and posted freely to our site. If you need to flag this entry as abusive, send us an email.

With web-security making big news for all the wrong reasons recently, small businesses have more reason to be worried than ever before. And for a good reason, too. When multi-billion dollar brands such as Adobe, Sony, Target and Instagram are succumbing to cyber criminals, then small businesses would seem to be facing a pretty indomitable challenge.

While the risk is definitely ever present, many small business owners often tell themselves that their operation is too small to matter, and that cyber criminals only go after the big guys. Unfortunately, small businesses are at an even bigger threat as they make for a very tempting target, mostly because they usually do not invest in rigorous security protocols and tools.

The statistics are very telling. 43% cyber attacks target small businesses. Also, 60% small companies go out of business within six months of a cyber security attack. So, if you are serious about the security of your enterprise, here are 5 classes of tools that can help you steer clear of any digital disasters…

Network Security Tools

A company’s network is where most of its information will be exchanged and found, which is why it makes for the first place a hacker will try and infiltrate. Thankfully, there are a plethora of network security tools out there that can help you maintain a safe online operating environment. Vigilance is key here, and the quicker you can detect a network intrusion, the faster you can act on it. Consider the following tools to keep a close eye on what’s going on in your network…

  • Snort: Is a free intrusion prevention tool that can monitor your network in real time, and tell you who is online. Its real time nature is a great feature as there can be costly delays between when a hacker has broken through, and when the intrusion is detected via a manual or pre-programmed scan.
  • Wireshark: Previously called Ethereal is a free, open source network protocol analyzer that can give you a granular view on what’s going on in your organization. Wireshark is widely used by commercial, educational, governmental and nonprofit organizations.
  • NMap: A free network auditing and discovery tool that analyzes IP packets being sent across your network along with what all operating systems, firewalls and security vulnerabilities are there.

There are tons of different network security tools out there, but these are the most highly considered. Check out this list of 125 similar network security tools for more options.

Endpoint Security Tools

Just like network security prevents and tackles problems at the network level, endpoint security helps you mitigate them at the local, device level. The rationale for endpoint security is that threats such as malware can also intrude into networks thru devices connected to a network such as PCs, laptops, barcode readers, mobile devices etc.

Any of the following tools can help you setup robust endpoint security policy..

  • Avast Endpoint Protection Advanced: While a fairly basic tool, Avast’s endpoint security can get you most required features at a good price. The core features consist of an antivirus, browsing protection and remote PC management. The Endpoint Plus version adds firewall, server protection and spam filter.
  • Symantec Endpoint Protection: One of the more thorough packages, Symantec’s Endpoint Suit is designed for virtually every platform and offers multiple layers of protection with many security policy options. In its latest iteration, Symantec has also integrated machine learning capabilities into their endpoint suites, too.
  • Bitdefender Gravityzone: With a reputation for high quality products, Bitdefender’s Gravityzone offers comprehensive business protection with a firewall, antivirus and remote management with device and user control features.

Here’s a comprehensive list of endpoint security applications, if you wish to explore further.

Many confuse endpoint security with regular antivirus, however, the former essentially refers to a wide array of security tools that also includes antivirus software among other things. Check out this article on the difference between them.

Virtual Private Networks

Most businesses are well familiar with intranets for connecting terminals locally, however, as workforces are becoming more mobile, they need better communication protocols to operate securely long distances, too. Virtual Private Networks (VPNs) essentially create a safe, encrypted tunnel thru an unsecured internet environment so that remote users can access company information without being compromised. The following VPNs are some of the best that you can opt for…

  • Checkpoint Remote Access VPN: One of the most recognized name in business VPN solutions. Checkpoint’s VPN uses both basic and advanced IPsec (Internet Security Protocol) tunneling enabling both site to site and endpoint connectivity.
  • Cisco AnyConnect: A simple VPN client that can be installed on any device. AnyConnect can give administrators full visibility on endpoint devices across the company with its network visibility module (NVM). It also comes with Cisco’s Umbrella Roaming that can protect users when they are not using the VPN.
  • F5 BIG-IP Access Policy Manager: Unlike most commercial VPNs that use IPsec protocol, F5’s APM is based on SSL (Secure Socket Layer) that does not require the user to install any client on the user side.

Data Loss Prevention Tools

Data loss prevention (DLP) tools have been around for a while and are useful for helping enforce security policies by controlling what information end users can send out. DLP software can detect possible breaches and can monitor and if necessary, block its access at user endpoint, on the network, or even while it’s idly stored. Automated data loss prevention (DLP) tools such as the ones described below are your best bet to stave off any disasters…

  • Symantec DLP: Still the reigning king of the Gartner Magic Quadrant, Symantec has an excellent and very well thought out DLP solution that can help you keep your data secured throughout your network, endpoints and storage systems. The solution is very scalable and can help you control data usage regardless of whether the users are online or offline.
  • McAfee DLP Solutions: McAfee offers a range of different DLP solutions. Being one of the leading solutions providers in the data loss space, their products are well received and offer everything from monitoring data usage over networks to preventing people from copying files onto hard-drives or USB sticks, or sending them thru email.
  • Sophos Endpoint DLP: While Sophos may not be as popular as McAfee or Symantec, its solutions are widely considered as one of the best there are. Sophos has integrated their DLP right into their antivirus engine that constantly scans for vulnerable pieces of information. Their DLP comes with prebuilt rules, however can accept custom rules as well.

Here’s a list of leading DLP solutions, along with an excellent guide on how to select one.

Data Backup and Recovery Tools

And now for the worse case scenario. While backing up data is always a good idea, manual backups might not be a good idea in companies where massive quantities of information are both created and shared. The following backup tools are all great options to help you keep all your data safely duplicated…

  • Carbonite: A cloud backup solution that provides unlimited storage with no hidden clauses. Carbonite is a great, no-frills backup solution that offers all that you could want including versioning (not for Macs) where you can restore from a past version of the file, scheduling, at-rest and private encryption as well as remote access.
  • IDrive: For those who want the added insurance of having onsite backup along with cloud backup, IDrive provides the perfect solution. While IDrive does not offer unlimited storage, you can backup as many devices as you want and there is no capping on file sizes. Deleted files are kept for 30 days and all your data, both in transit and storage is protected with their 256 bit AES encryption.
  • CrashPlan: Now offered exclusively to business consumers, CrashPlan offers unlimited storage at a very attractive price point. One of the coolest features that crashplan offers is that you can backup your data to any device connected to the internet or your computer. Coupled with great security features and the ability to segment data based on its importance, CrashPlan makes for an awesome backup solution.

Concluding thoughts

While the tools discussed above are no doubt effective, it cannot be emphasized enough that they need to be part of well thought out and thorough security best practices. People being careless is almost always the reason why a security breach occurs in the first place. With ransomware infections reaching epidemic proportions, now is the time to create a company security policy and train all your employees in it, if you haven’t already. The tools described above will help you to enforce your policies and make sure that your data remains secured.

Popular in the Community