You know online fraud exists. You see it in the headlines every day. But what can you do to protect yourself and your business? What are the practical steps you can take to prevent scammers and fraudsters from stealing from your company?
Our founders experienced fraud firsthand and saw how costly it can be for a business. That’s why they created the Four Pillars of Fraud Protection – hardware, software, people and procedure – that can help you protect any business from would-be thieves. Over a series of four blog posts, we’ll examine each pillar and give you practical tips to safeguard against fraud in each area, with questions to ask, steps to take and procedures to implement.
Hardware: an Essential Investment
First up: hardware. When it comes to security, you’ve got to start with the physical connections that make up your system. Is the hardware that you use for your business data and communications fraud-proof?
Before you make a big hardware purchase or look at upgrading, take a moment to think about budget. Purchasing secure hardware is an investment. Although there will be patches, updates and maybe even additional features you can install through the life of your hardware, it will largely stay the same even as software, personnel and scams change rapidly. Choose wisely and make an investment in hardware that will keep your business secure.
Perimeter Security Hardware
Think of a castle. Around the entire perimeter of its thick stone walls is a moat, making sure not just anyone can flow in and out. Just as a moat controls who comes in and out of a castle, perimeter security, including a firewall and other forms of threat detection, monitors your incoming and outgoing web traffic and can provide the first defense against attacks.
A perimeter security system is going to keep an eye on data flowing in and out of your system, looking for any unusual patterns and abnormal behavior that could indicate that you’re being attacked.
Invest in an advanced perimeter security system, such as one from Cisco or WatchGuard. Any perimeter security hardware you acquire should have the following features:
- Web-Content Filtering
- Anti-Virus Scanning
- Reputation, Application and Protocol Protection
- Advanced threat protection for Zero-Day exploits
- Data loss prevention and auditing policies
- Geolocation Blocking
These kinds of perimeter security systems will also keep you subscribed to a threat database that’s always up to date with the latest scams, viruses, malware and other potential threats, so you have the patches and systems you need to keep your systems safe.
Network Security Hardware
You might think of your business’s wireless network as a communication tool, but fraudsters think of it as a door. If they can get inside the door, they can find out a lot more about your business and its potential vulnerabilities than by just peering through a cloudy window. That’s why it’s important that your network is secure and not open to just anyone.
Don’t allow guests to connect to your main wireless network. Create a separate network for guests to use while at your business so scammers can’t use it to gain valuable information. In addition, you’ll want wireless intrusion prevention, which stops people from making repeated attempts to guess your password. And finally, it’s essential that your network has identity-based 802.1X authentication.
If your perimeter security system and firewall are the moat surrounding your castle, think of systems monitoring as the sentry at the gate, ready to alert you to any potential intruder. You need a separate computer on your network that’s in direct communication with the firewall and alerts you with a text or email message when something out of the ordinary occurs.
At first, you may get too many alerts, notifying you when there’s probably nothing wrong. But more information is better when it comes to security, and over time, you can turn off alerts that you know aren’t necessary. If you’ve ever had a credit card purchase denied because the company was concerned it wasn’t really you using your card, you know that sometimes the momentary hassle is worth it to know that someone isn’t creating a mess you’ll have to clean up later.
Life happens. Hardware fails. The power goes out. A file is deleted. For those times when things don’t go as planned, you need a redundant, robust, and encrypted backup strategy that utilizes the 3-2-1 rule.
Let’s break down what that means:
- Redundant – identical functions performed by multiple pieces of equipment so if one fails, you’ll have the same service or storage performed by another.
- Robust – (what does this mean specifically as it relates to infrastructure?)
- Encrypted – Your data should be encrypted so that even if someone gets direct physical access to a hard drive, it will be meaningless to them.
- 3-2-1 rule – 3 copies of your data (the original and 2 backups), backed up on at least 2 different types of storage, with at least 1 copy of your data stored offsite.
Having a redundant, robust system is essential because that “oops” moment when things change is when you’re the most at risk for fraud. Criminals will seize the opportunity to take advantage of vulnerabilities and strike while you’re busy dealing with the latest crisis.
Again, security hardware is an important investment for any business. Take your time selecting the hardware that’s going to best serve your company for years to come. Investing in proper security is a much better way for your business to spend money than shelling out to recover from a vicious cyber attack.
Now that our hardware is shipshape, we need to explore the other potential vulnerabilities. Find out how to secure your software in the second part of our series and make wire fraud a thing of the past.