If you come across something called “Google++” run the other way. In a sign that the new social network really has arrived, Google+ has its first malware: A trojan masquerading as an Android Google+ app under the name Google++. Fortunately, it’s not found in the Android Market, but must be downloaded from another site. READ MORE
The promise of cloud computing has been around for years. Like any new technology, it’s taken time for the vendor community to work out the kinks and get cloud computing ready for prime time. While cloud computing comes in numerous flavors, what I’m going to address and what’s typically most relevant to small or mid-sized businesses is software-as-a-service (SaaS). This means that applications are hosted by service providers instead of running on your hardware in the office. This is a big deal. My company — a global PR firm with offices across the United States, Asia, and Europe — depends on extremely high service levels from the IT function. As a one-woman band managing our technology operation, I’m always striving to simplify IT deployment, but it can’t be done at the expense of functionality. This is what led me to evaluate cloud computing for our office applications. After doing my homework, three options were left on the table: Microsoft, Google, and Amazon. We opted to go with Microsoft’s Business Productivity Online Suite (BPOS) solution which was best-suited for our size, reach, and 24×7 response requirements. This said, you should take the time to evaluate all three options because each provider offers a little different functionality. Microsoft BPOS is a fully deployed, cloud-based version of Exchange, SharePoint, Office Communications Online, and Office Live Meeting, which allows us to offload basic functions such as e-mail and Web-based collaboration tools. Why was this important? For one, our e-mail servers were almost four-years-old — ancient in “hardware years.” The money saved by not purchasing three new servers was a “no brainer.” Furthermore, this approach meant substantial time savings for our IT department — i.e., that would be me. Microsoft now handles all updates and maintenance, and we no longer have to pay for applications to screen our e-mail for spam or check e-mail for viruses. For context, consider that our users send and receive over 100,000 e-mails a month. Before moving to the cloud, it used to take on average 12 hours just to back-up our systems. Plus we used to spend $3,000 per year on Trend Micro’s spam filtering services. Rounding out the picture, we were shelling out a chunk of change for collaboration tools such as eRoom (at $300 per license) and Citrix conferencing software ($1,200/per year for just three licenses). Microsoft’s BPOS enabled us to eliminate these costs and ensure that we always have the most current versions of comparable software and a secure environment. The service also comes with 24×7 technical support including support for multiple languages. This last point carried some weight in our evaluation process. With Microsoft BPOS, our overseas offices now have quicker response time to e-mail and receive support in their local languages. I also can’t emphasize enough the value of engaging with a knowledgeable third-party IT consultant to assist with the transition to the cloud. Just the task of importing e-mails from the legacy system into the cloud application is not for the squeamish. You want to make sure you have someone at your side who has been through this exercise before. In our case, we partnered with firm called Zag Technical Services. Zag is a Microsoft Gold Partner, and their consultants helped us wade through all of the costs and steps involved in a successful transition, including the migration of 45 gigabytes of e-mail (which is why I used the term “not for the squeamish.”) As you would expect, our transition to the cloud did not come without its challenges. For example, even though our transition was completed six months ago, I’m still receiving feedback — prefer that word to “complaints” — about e-mail limitations. Employees who have been with the company for five, 10, 15 or more years used to have no limitations when it came to e-mail use. Now, all of a sudden they’re confined by such parameters as a 15MB limit to attachments and 2GB of storage space. And it’s worth pointing out that moving to the cloud has also meant that I had to relinquish some control. Simple requests to modify backend applications now have to go through Microsoft. Not a problem going through a service provider if the changes are made fairly instantaneously with a three-, six-, even a 12-hour turnaround. But we are currently looking at three days — a bit frustrating for an IT director who is used to doing everything herself in-house. Nevertheless, from my perspective as well as from our CFO’s, the benefits far outweigh any downside. Our mantra for 2010 is “shaking up the status quo.” Our move to the cloud has IT leading the charge. Linda Wilson is the IT director of The Hoffman Agency, a global public relations firm with 120 employees.
The promise of cloud computing has been around for years. Like any new technology, it’s taken time for the vendor community to work out the kinks and get cloud computing ready for prime time. While cloud computing comes in numerous flavors, what I’m going to address and what’s typically most relevant to small or mid-sized businesses is software-as-a-service (SaaS). This means that applications are hosted by service providers instead of running on your hardware in the office. This is a big deal. My company — a global PR firm with offices across the United States, Asia, and Europe — depends on extremely high service levels from the IT function. As a one-woman band managing our technology operation, I’m always striving to simplify IT deployment, but it can’t be done at the expense of functionality. This is what led me to evaluate cloud computing for our office applications. After doing my homework, three options were left on the table: Microsoft, Google, and Amazon. We opted to go with Microsoft’s Business Productivity Online Suite (BPOS) solution which was best-suited for our size, reach, and 24×7 response requirements. This said, you should take the time to evaluate all three options because each provider offers a little different functionality. Microsoft BPOS is a fully deployed, cloud-based version of Exchange, SharePoint, Office Communications Online, and Office Live Meeting, which allows us to offload basic functions such as e-mail and Web-based collaboration tools. Why was this important? For one, our e-mail servers were almost four-years-old — ancient in “hardware years.” The money saved by not purchasing three new servers was a “no brainer.” Furthermore, this approach meant substantial time savings for our IT department — i.e., that would be me. Microsoft now handles all updates and maintenance, and we no longer have to pay for applications to screen our e-mail for spam or check e-mail for viruses. For context, consider that our users send and receive over 100,000 e-mails a month. Before moving to the cloud, it used to take on average 12 hours just to back-up our systems. Plus we used to spend $3,000 per year on Trend Micro’s spam filtering services. Rounding out the picture, we were shelling out a chunk of change for collaboration tools such as eRoom (at $300 per license) and Citrix conferencing software ($1,200/per year for just three licenses). Microsoft’s BPOS enabled us to eliminate these costs and ensure that we always have the most current versions of comparable software and a secure environment. The service also comes with 24×7 technical support including support for multiple languages. This last point carried some weight in our evaluation process. With Microsoft BPOS, our overseas offices now have quicker response time to e-mail and receive support in their local languages. I also can’t emphasize enough the value of engaging with a knowledgeable third-party IT consultant to assist with the transition to the cloud. Just the task of importing e-mails from the legacy system into the cloud application is not for the squeamish. You want to make sure you have someone at your side who has been through this exercise before. In our case, we partnered with firm called Zag Technical Services. Zag is a Microsoft Gold Partner, and their consultants helped us wade through all of the costs and steps involved in a successful transition, including the migration of 45 gigabytes of e-mail (which is why I used the term “not for the squeamish.”) As you would expect, our transition to the cloud did not come without its challenges. For example, even though our transition was completed six months ago, I’m still receiving feedback — prefer that word to “complaints” — about e-mail limitations. Employees who have been with the company for five, 10, 15 or more years used to have no limitations when it came to e-mail use. Now, all of a sudden they’re confined by such parameters as a 15MB limit to attachments and 2GB of storage space. And it’s worth pointing out that moving to the cloud has also meant that I had to relinquish some control. Simple requests to modify backend applications now have to go through Microsoft. Not a problem going through a service provider if the changes are made fairly instantaneously with a three-, six-, even a 12-hour turnaround. But we are currently looking at three days — a bit frustrating for an IT director who is used to doing everything herself in-house. Nevertheless, from my perspective as well as from our CFO’s, the benefits far outweigh any downside. Our mantra for 2010 is “shaking up the status quo.” Our move to the cloud has IT leading the charge. Linda Wilson is the IT director of The Hoffman Agency, a global public relations firm with 120 employees.
You’ve sent an important business e-mail to a contact, but it never arrives. The person on the other end complains. Eventually, your message is found, trapped in the recipient’s spam filter. If this scenario sounds familiar, there’s a good chance your email server has been blacklisted. E-mail software routinely uses blacklists as a first line of defense against the relentless onslaught of spam. Blacklists work by keeping track of the Internet protocol (IP) numbers of servers that have sent spam. Once your e-mail server’s IP number is on a list, any spam filter using that list will automatically block message from your server. Server owners generally are not notified that they’ve been added to a blacklist. In fact, most small businesses only find out they’ve been blacklisted when they hear from their contacts that an expected e-mail either vanished or was stopped as spam, according to Peter Firstbrook, research director at Gartner. By that time, you’ve already got a serious problem. An anti-blacklist strategy You don’t have to wait until messages go missing before dealing with blacklist issues. What follows is a six-part strategy for staying off e-mail blacklists. Please note that this strategy assumes you host your own e-mail. If you use hosted e-mail, and the server gets blacklisted, there’s little you can do but complain to your provider and immediately start looking for a replacement. Assuming you do host your own e-mail, though, these steps should help you stay in the clear: Test your blacklist status. Begin by making sure your IP address isn’t already blacklisted. Sites like MXToolbox allow you to input your mail server’s IP number and will check it against the most commonly used blacklists. Don’t send unsolicited mass e-mails. Needless to say, the easiest way to ensure that your server will wind up blacklisted is to use it to send unwanted e-mails recipients may view as spam. A few such complaints can get your server blocked in a hurry — so don’t do it. (For additional tips on keeping marketing e-mail out of spam filters, see this IncTechnology article.) Check your company for bot computers. The most common way a company’s server winds up blacklisted is because one or more of its computers has become part of a “botnet.” A botnet is a group of computers infected by malware that allows outsiders to use them for tasks such as sending out spam, usually without their owners’ knowledge. Botnets are a preferred method for spam distribution for the obvious reason that they prevent spam from being traced to its source. With increasing demand from a growing spam industry, botnets are becoming alarmingly widespread. “Most companies already have bots in their organizations,” Firstbrook says. “You’re best off if you assume you have a bot, and then go find it, rather than starting from the assumption that you don’t.” Observe strict security protocols. If you’ve managed to stay clear of botnets so far, your best chance of remaining that way is to keep your company as secure from malware as you can. That means not only running the standard suite of security applications — anti-virus, intrusion prevention, anti-spyware, and anti-spam — but also making sure patches and updates are deployed as quickly as possible. “The Microsoft Tuesday patch needs to be on all computers by Wednesday,” Firstbrook says. “And if the only browser you’re keeping up to date is Internet Explorer, then that should be the only one employees can use.” He also recommends preventing employees from surfing to certain dangerous sites. Block port 25 on every machine except your e-mail server. Port 25 is a generally agreed standard for most computers and servers use when sending e-mail to the Internet. A legitimate user within your company would not send out e-mail directly from his or her computer, but would use your e-mail software to route it through your company’s e-mail server. A bot, on the other hand, would send spam directly — through port 25 — to avoid detection. Blocking this port on all but your e-mail server won’t prevent you from having bot computers, but it will prevent those computers from sending out spam and landing your company on a blacklist. Be aware of your neighbors. Another way to get blacklisted through no fault of your own is if a server adjacent to yours on a network sends out spam. Many blacklists block not only the specific server that sent the spam, but also other servers with numbers with mostly matching digits. “Even as a security company, we got blacklisted once because we’d installed our servers in a data center, and one of the other servers there sent out spam,” notes Dirk Morris, founder and CTO of Untangle, an open-source gateway provider. The offender happened to be another server with a number near to Untangle’s. “Any time you rent Internet space, you have a neighbor, and you can be affected by what that neighbor does,” he says. If you get blacklisted What do you do if you find out you’re already on one or more blacklists? “If you are, it’s bad news,” Firstbrook says. “It’s not an easy problem to solve.” Each blacklist has a different procedure for requesting removal, so you’ll have to follow a different set of instructions for each list you’re on. Or, you could just wait. “They usually expire after five days or so,” Morris says. “On the other hand, you can’t send anyone e-mail during those days. Whatever you do, make sure you’ve actually identified and solved the problem that caused you to be blacklisted in the first place before you ask to be taken off the list. “You’d be surprised how many people skip this step,” Morris says. “When someone tells you you’re sending spam, the common reaction is ‘No, I’m not,’ instead of trying to find out if there’s a bot or other problem.” That kind of thing can sour your relationship with the blacklist providers, and make it harder to get off the list in case of any future incidents, Firstbrook says. “Don’t say that you’ve cleaned things up and then let something happen that will put you back on the blacklist,” he says. “You don’t want to try their patience.” SIDEBAR: Blacklist Testing Sites Want to find out if you’re on any blacklists? These sites can tell you. MXToolbox checks your IP address against 147 blacklists, and offers the option of sending a ping e-mail to its server — a super-easy way to lean whether you’re on a blacklist or not. Blacklistedip not only lets people know when they’re blacklisted, but helps track the issue that caused the blacklisting and assists with getting off the blacklist. Repcheck constantly monitors some 200 blacklists and alerts you if you get blacklisted. Blacklist Sites Need to get off blacklists? Here are three of the most popular, but there are many more. MAPS, now part of Trend Micro, offers both information on whether you’re blacklisted, and also threat analysis. SpamCop provides anti-spam software as well as its blacklist of spamming server IP addresses. The Spamhaus Project is an international, non-profit effort to combat spam.
Security posture isn’t just posturing. In fact, this bearing may be the most important aspect of your business’ approach to security. What is security posture? It’s your overall security plan, which protects from internal and external threats, says Jon Clay of Trend Micro, a content security service provider in Cupertino, Calif. Evidence of security posture can be found in the way you deal with customer receipts, control employee social security numbers, or how often you update the anti-virus software. In other words, security posture is comprised of technical and non-technical policies, procedures and controls. Security posture is what results from “the strategy you take toward managing your risks,” says Mike Murray, director of Neohapsis Labs, a security-focused consulting firm in Chicago, Ill. And ignorance can cost. A stolen credit card number — whether resulting from a dumpster-diver’s dig through your garbage can or a hacker’s mischief — can result in a large fine from the issuing company. A three-step approach to security It’s a balancing act for small businesses. “They have to determine how much risk they are willing to accept,” Clay says, “to determine what level of security they implement.” Analyze compliance requirements and business partners’ mandates. “This will allow them to build out a security posture that minimizes risk while still allowing them to run their business efficiently and profitably,” Clay says. Murray suggests a three-step approach to security posture assessment and resolution: Determine all the data your competitors, thieves, and other no-gooders want to steal from the business, or from partner businesses. These could include credit card numbers, social security numbers, corporate assets, or even your business strategies for the next six months. Figure out how thieves might acquire the data. Murray says that this step may require a consultant or an in-house expert in risk management. A high-quality assessment will provide details on slack approaches to data, whether in the IT or physical world. “We aptly call it information security,” Murray says, not just technology security. Install controls to prevent theft, at a “palatable” cost, Murray says. Your response may depend upon variables such as your business’ financial situation and the actual likelihood of compromised data. Few businesses are too small Trent Dyrsmid, CEO of IT service provider Dyrand Systems, Inc., based in Vancouver, B.C., says he often hears businesses claim, “My company’s too small. No one will hack us. We don’t have anything.” However, “anybody is fair game,” says Dyrsmid, and he points out that many threats can come from within, “like disgruntled employees marching out the door with company data on USB stick or CD.” Small businesses aren’t immune to simple errors or carelessness, either. “Employees need to know how they should handle sensitive data, as they may not know they could be compromising security,” Clay says. Proactive policy can prevent customer addresses from falling into the wrong hands. Assessing security posture is one milestone on a company’s path to maturity and healthy growth. Executing change is the nets, and then repeating the assessment six months later will be the next step. So straighten up and look around — your business’ posture may be telling you something.
Security posture isn’t just posturing. In fact, this bearing may be the most important aspect of your business’ approach to security. What is security posture? It’s your overall security plan, which protects from internal and external threats, says Jon Clay of Trend Micro, a content security service provider in Cupertino, Calif. Evidence of security posture can be found in the way you deal with customer receipts, control employee social security numbers, or how often you update the anti-virus software. In other words, security posture is comprised of technical and non-technical policies, procedures and controls. Security posture is what results from “the strategy you take toward managing your risks,” says Mike Murray, director of Neohapsis Labs, a security-focused consulting firm in Chicago, Ill. And ignorance can cost. A stolen credit card number — whether resulting from a dumpster-diver’s dig through your garbage can or a hacker’s mischief — can result in a large fine from the issuing company. A three-step approach to security It’s a balancing act for small businesses. “They have to determine how much risk they are willing to accept,” Clay says, “to determine what level of security they implement.” Analyze compliance requirements and business partners’ mandates. “This will allow them to build out a security posture that minimizes risk while still allowing them to run their business efficiently and profitably,” Clay says. Murray suggests a three-step approach to security posture assessment and resolution: Determine all the data your competitors, thieves, and other no-gooders want to steal from the business, or from partner businesses. These could include credit card numbers, social security numbers, corporate assets, or even your business strategies for the next six months. Figure out how thieves might acquire the data. Murray says that this step may require a consultant or an in-house expert in risk management. A high-quality assessment will provide details on slack approaches to data, whether in the IT or physical world. “We aptly call it information security,” Murray says, not just technology security. Install controls to prevent theft, at a “palatable” cost, Murray says. Your response may depend upon variables such as your business’ financial situation and the actual likelihood of compromised data. Few businesses are too small Trent Dyrsmid, CEO of IT service provider Dyrand Systems, Inc., based in Vancouver, B.C., says he often hears businesses claim, “My company’s too small. No one will hack us. We don’t have anything.” However, “anybody is fair game,” says Dyrsmid, and he points out that many threats can come from within, “like disgruntled employees marching out the door with company data on USB stick or CD.” Small businesses aren’t immune to simple errors or carelessness, either. “Employees need to know how they should handle sensitive data, as they may not know they could be compromising security,” Clay says. Proactive policy can prevent customer addresses from falling into the wrong hands. Assessing security posture is one milestone on a company’s path to maturity and healthy growth. Executing change is the nets, and then repeating the assessment six months later will be the next step. So straighten up and look around — your business’ posture may be telling you something.
Small and mid-size businesses have become increasingly savvy about securing their computers, servers, and networks. At the same time, the hackers, crackers, and other criminal minds have become equally as confident that one Trojan or virus can make conducting business difficult, if not impossible. Many small and mid-size businesses have developed a “sense of complacency” regarding security because large-scale viruses aren’t the main threat anymore, says Adams Hils, small and mid-size business security analyst for Gartner, the Stamford, Conn. research firm. But he and other analysts warn that the danger is now worse because criminals are looking to steal data for financial gain — not merely for mischief-making. “They don’t want to generate headines,” Hils said. “They want to generate revenue.” Furthermore, if your business retains customer data and you do business over the Internet, your business is a potential target. Basic anti-virus tools aren’t enough Firewall misconfigurations, weak encryption and passwords, and lapsed software patchwork can lead to company or customer data theft for a business. Basic anti-virus software isn’t enough to protect many small and mid-size businesses these days, and anti-spyware is becoming increasingly important. Malware from websites has grown 540 percent over the last two years, according to Gartner. Security software maker Symantec, in its most recent Internet Security Threat Report, warned that in addition to other malware problems, phishing was a growing concern for businesses in 2007. Symantec said that servers for small business could be used as hosts for phishers because the companies are often short on IT staff and therefore could be at risk for lapsed security patches. That’s why it’s important for all businesses — no matter what size — to maintain tight security on all data and company information, analysts say. “You’re trying to increase the number of barriers between yourself and the bad guys,” says Anil Miglani, senior vice president at AMI-Partners, a market research firm based in New York. AMI-Partners estimates that security spending among small and mid-size North American companies will be $5.25 billion in 2007 — up from $4.5 billion in 2006. It expects double-digit growth rates for security spending among North American small and mid-size businesses over the next five years. New products offer solutions It’s no surprise, then, that vendors have new security products for small and mid-size businesses, which are prioritizing security upgrades but demand simplicity and affordability, according to Forrester Research. Because of these factors, Microsoft is gaining ground in the security market, according to analysts. Microsoft’s Forefront Client Security is one of the cheapest anti-virus and anti-spyware security solutions on the market, but it may be too basic for some businesses, analysts warn. “For some smaller businesses that are not as exposed to Web threats and outside threats, it might be OK,” Hils said. Security heavyweights McAfee and Symantec offer “the most robust” solutions but are pricier, says Natalie Lambert, an analyst with Forrester Research. Symantec’s Client Security and Anti-Virus products are developed for businesses of varying size, but like most vendors, it does not have a one-size-fits-all solution, Lambert said. McAfee has specific products for small and mid-size businesses such as its Active VirusScan SMB Edition, as well as separate host intrusion products. The company provides management support which is crucial for companies with small IT staffs, Lambert said. Bundled options best for small business McAfee does not combine its anti-virus and anti-spyware solution. Gartner advises small and mid-size businesses to use vendors that bundle anti-spyware with their anti-virus products, such as Symantec, Trend Micro or Panda Software, or to negotiate with their current vendors for a competitive combined anti-virus and anti-spyware price. A smaller competitor, eEye Digital Security’s Blink product, has performed well in independent tests. It covers several security concerns by offering anti-virus, anti-spyware, anti-phishing and firewall protections, as well as intrusion preventions and detections. Whether you need a basic or more sophisticated security product depends on the needs of your business. For example, if you do business on the Web or if you have several employees and want to tighten internal as well as external security. It’s important that you assess your own needs — or have an assessment conducted for you — before shopping for products, Miglani advises. And, he warns, don’t think that your business is immune to threats, no matter how small it might be. “The probably of these [attacks] happening can be low, but the potential damages can be high,” Miglani says.
When it comes to data security, peace of mind is fleeting at best. Just when you’ve sequestered your precious information behind the highest wall money can buy, some malevolent hacker inevitably figures out a way to undermine your plan. Or one of your software vendors announces a security flaw that needs immediate patching. Perhaps that explains why security spending is the fastest-growing part of IT spending, according to market researcher International Data Corp. The information security industry is also complex, especially for those who are less than tech savvy. Do you need a software firewall? A hardware firewall? Both? The fact is, while there are scores and scores of so-called solutions, none of them can solve every potential security problem facing today’s Web-driven businesses. But there are some great systems; here are six that we like the best. Best for… Cleaning up your e-mail system Trend Micro Client Server Messaging Security for SMB What it does: Viruses, spam, and phishing are the three-headed monster of e-mail. Trend Micro helps tame the beast. The company constantly monitors e-mail threats, sending software updates to fend off viruses, quarantine spam, and foil phishers. What’s cool: Trend Micro’s system installs updates automatically and will do so as often as you like–even as frequently as once an hour–on all PCs and servers on a network, including those in remote locations. It notifies you if there’s an unusual amount of spam coming in or efforts to phish for employee data. Trend Micro also removes viruses should your system become infected. Drawbacks: The SMB client server runs on Microsoft’s Exchange server, so non-Exchange users need a different product. It also does not block spyware or unwanted content (though Trend Micro has other products that do both). Price: $241 a year (for five users) to $44,100 a year (for 1,000 users) Best for… Wireless users Meru Networks MC500 and AP200 What it does: These days, more computer users are being linked via in-house wireless networks. Meru, which makes components for corporate wireless networks, offers supercharged security protocols and data encryption to ensure that hackers can’t sit in your parking lot and read your e-mail. What’s cool: Most wireless networking equipment will detect an attempt by an unauthorized or unknown user to get access to your network. Meru’s security equipment goes even further, jamming and scrambling those rogue signals. Drawbacks: Meru can secure your company’s wireless network, but you can’t take it with you on the road. In other words, e-mail sent from public wireless networks (say, from home or the local Starbucks) is not protected. Price: Starts at $2,300, for a network of about 10 people Best for… Backing it all up SonicWall CDP 2440i What it does: Say a virus gets inside your network and corrupts your data. SonicWall’s CDP (for continuous data protection) is a giant hard drive that constantly saves the data on your network, allowing you to restore a clean version of all the data on every networked PC at the click of a button. What’s cool: SonicWall uses hard drives rather than the tape used by many other data backup providers. Simply connect SonicWall’s CDP to your network and it captures data and gives it a time stamp every time someone saves. That’s true for workers on the road too, as long as they’re connected to the network. SonicWall’s hard drive also sends an encrypted copy of its data to a bombproof location in case of emergency. Drawbacks: The backup system works only with data that’s on a company network. So if a notebook is stolen, you can recapture its data from its last save–but you can’t keep the data off the streets. Price: $1,999 (for a 192-gigabyte hard drive) to $7,999 (for a rack-mounted 1.2-terabyte drive) Best for… Handing off the problem to someone else Nexum FirstDefense for SMBs What it does: If you can’t afford an in-house security specialist, outsource the task to Nexum, which will set up a comprehensive security system and run and monitor it, 24 hours a day. What’s cool: Nexum consultants and engineers will inspect your network and systems for security weak points and then fix them. The company handles every element of security, from vulnerability scanning to putting a lid on spam. It also makes sure that all of your security products are up to date. Drawbacks: Outsourcing means giving up control as well as headaches. Another issue is that outsourcers work only with certain products; Nexum, for example, does not work with SonicWall firewalls. So if you have a security infrastructure in place, you may need to purchase new equipment. Price: $200 to $1,500 a month, depending on the size and complexity of the client Best for… An all-in-one solution Fortinet FortiGate-60M What it does: FortiGate combines hardware and software in a single box to provide a one-stop shop for basic business security. It includes a firewall, antivirus software, tools to detect if people are trying to invade your network, tools to stop them, content filtering, and features to boost network performance. What’s cool: Despite all the features, FortiGate is simple to manage. And as your company’s needs change, there’s an entire family of products to help you, for example, add wireless capabilities or more users. Drawbacks: Convenience has its price. In other words, all-in-one products generally are good at everything but great at nothing. Price: $895 Best for… Managing software updates Shavlik HFNetChkPro What it does: Software changes fast, and no one has time to track all the updates and security patches that vendors seem to be releasing on a daily basis. Shavlik’s software tracks patches offered by leading software vendors–including Microsoft, Apache, and the Firefox browser–and makes sure you know about them. What’s cool: When software patches and updates are released, Shavlik’s HFNetChkPro automatically installs them on every computer on a company’s network. In most cases, users won’t even know their computers are being updated, though Shavlik’s software issues a message if a patch is significant enough to require a reboot. Drawbacks: Shavlik systems can be difficult to deploy across multiple locations; to do so, you may need to purchase separate licenses for the product. Price: From $93 for five users to $14,685 for 999 users, plus an annual maintenance fee of 25 percent of the cost
When it comes to data security, peace of mind is fleeting at best. Just when you’ve sequestered your precious information behind the highest wall money can buy, some malevolent hacker inevitably figures out a way to undermine your plan. Or one of your software vendors announces a security flaw that needs immediate patching. Perhaps that explains why security spending is the fastest-growing part of IT spending, according to market researcher International Data Corp. The information security industry is also complex, especially for those who are less than tech savvy. Do you need a software firewall? A hardware firewall? Both? The fact is, while there are scores and scores of so-called solutions, none of them can solve every potential security problem facing today’s Web-driven businesses. But there are some great systems; here are six that we like the best. Best for… Cleaning up your e-mail system Trend Micro Client Server Messaging Security for SMB What it does: Viruses, spam, and phishing are the three-headed monster of e-mail. Trend Micro helps tame the beast. The company constantly monitors e-mail threats, sending software updates to fend off viruses, quarantine spam, and foil phishers. What’s cool: Trend Micro’s system installs updates automatically and will do so as often as you like–even as frequently as once an hour–on all PCs and servers on a network, including those in remote locations. It notifies you if there’s an unusual amount of spam coming in or efforts to phish for employee data. Trend Micro also removes viruses should your system become infected. Drawbacks: The SMB client server runs on Microsoft’s Exchange server, so non-Exchange users need a different product. It also does not block spyware or unwanted content (though Trend Micro has other products that do both). Price: $241 a year (for five users) to $44,100 a year (for 1,000 users) Best for… Wireless users Meru Networks MC500 and AP200 What it does: These days, more computer users are being linked via in-house wireless networks. Meru, which makes components for corporate wireless networks, offers supercharged security protocols and data encryption to ensure that hackers can’t sit in your parking lot and read your e-mail. What’s cool: Most wireless networking equipment will detect an attempt by an unauthorized or unknown user to get access to your network. Meru’s security equipment goes even further, jamming and scrambling those rogue signals. Drawbacks: Meru can secure your company’s wireless network, but you can’t take it with you on the road. In other words, e-mail sent from public wireless networks (say, from home or the local Starbucks) is not protected. Price: Starts at $2,300, for a network of about 10 people Best for… Backing it all up SonicWall CDP 2440i What it does: Say a virus gets inside your network and corrupts your data. SonicWall’s CDP (for continuous data protection) is a giant hard drive that constantly saves the data on your network, allowing you to restore a clean version of all the data on every networked PC at the click of a button. What’s cool: SonicWall uses hard drives rather than the tape used by many other data backup providers. Simply connect SonicWall’s CDP to your network and it captures data and gives it a time stamp every time someone saves. That’s true for workers on the road too, as long as they’re connected to the network. SonicWall’s hard drive also sends an encrypted copy of its data to a bombproof location in case of emergency. Drawbacks: The backup system works only with data that’s on a company network. So if a notebook is stolen, you can recapture its data from its last save–but you can’t keep the data off the streets. Price: $1,999 (for a 192-gigabyte hard drive) to $7,999 (for a rack-mounted 1.2-terabyte drive) Best for… Handing off the problem to someone else Nexum FirstDefense for SMBs What it does: If you can’t afford an in-house security specialist, outsource the task to Nexum, which will set up a comprehensive security system and run and monitor it, 24 hours a day. What’s cool: Nexum consultants and engineers will inspect your network and systems for security weak points and then fix them. The company handles every element of security, from vulnerability scanning to putting a lid on spam. It also makes sure that all of your security products are up to date. Drawbacks: Outsourcing means giving up control as well as headaches. Another issue is that outsourcers work only with certain products; Nexum, for example, does not work with SonicWall firewalls. So if you have a security infrastructure in place, you may need to purchase new equipment. Price: $200 to $1,500 a month, depending on the size and complexity of the client Best for… An all-in-one solution Fortinet FortiGate-60M What it does: FortiGate combines hardware and software in a single box to provide a one-stop shop for basic business security. It includes a firewall, antivirus software, tools to detect if people are trying to invade your network, tools to stop them, content filtering, and features to boost network performance. What’s cool: Despite all the features, FortiGate is simple to manage. And as your company’s needs change, there’s an entire family of products to help you, for example, add wireless capabilities or more users. Drawbacks: Convenience has its price. In other words, all-in-one products generally are good at everything but great at nothing. Price: $895 Best for… Managing software updates Shavlik HFNetChkPro What it does: Software changes fast, and no one has time to track all the updates and security patches that vendors seem to be releasing on a daily basis. Shavlik’s software tracks patches offered by leading software vendors–including Microsoft, Apache, and the Firefox browser–and makes sure you know about them. What’s cool: When software patches and updates are released, Shavlik’s HFNetChkPro automatically installs them on every computer on a company’s network. In most cases, users won’t even know their computers are being updated, though Shavlik’s software issues a message if a patch is significant enough to require a reboot. Drawbacks: Shavlik systems can be difficult to deploy across multiple locations; to do so, you may need to purchase separate licenses for the product. Price: From $93 for five users to $14,685 for 999 users, plus an annual maintenance fee of 25 percent of the cost
