Seven Cybercrime-Fighting Steps For Small Businesses

How To Defend Against Cybercrime

Cybercrime represents a $2 trillion annual business, representing 15 percent of the global production of goods and services, according to the United Nations. Each year, criminals hone their skills and tools to become more adept at penetrating computer systems to steal credit-card numbers and corporate and government secrets.

This year already has seen some high-profile break-ins. The most recent was at credit-card processor Global Payments, which acknowledged the theft of 1.5 million card numbers and other important information that could be used to produce counterfeit Visa and MasterCard credit cards. While such security breaches are sure to continue as the year progresses, there are steps small businesses can take to improve security online and in the office.

Here are seven tips from Karl Volkman, chief technology officer for Chicago-based IT services firm and Microsoft partner SRV Network.

Get A Firewall

Every small business should have a firewall limiting access to the network. The firewall should be the first line of defense.

Tighten Control

Internet usage in the office should be tightly controlled. In addition, businesses should have gateway antivirus and content filtering as the second line of defense after the firewall.

Continuous Review

Managers should review on a monthly or quarterly basis user accounts and usage rights to data.

Physical Protection

Security does not end with what's inside the computer. Businesses need to make sure their hardware is physically protected as well. All guests should be accompanied throughout the office space, and computer displays should be hidden from view from walkways and open areas.

Better Passwords

Businesses should enforce good password policies, which include setting rules for complexity and frequency of change. Simply using your mother's maiden name isn't sufficient.

Spend Some Money

Businesses that can afford it should hire full-time data security people. In addition, budgets should include money for equipment and software to battle cybercriminals.

Employee Training

Employees need to be taught to be cautious. A few simple rules can improve security in a small office: Avoid questionable e-mail Web sites, delete any questionable e-mail and do not click on hyperlinks. Instead of the latter, employees should Google the topic and try to find the Web site from there.

More Cybercrime Coverage From CRN

Cybercrime coverage:
Microsoft Marks New Cybercrime-Fighting Strategy
Cybercrime in 2011: No One Was Safe
10 Biggest Security Breaches Of 2011