Imagine that you’re installing a new building security system, but you’re not sure how it all works, so you just screw the keypads onto the door and assume you’re protected. Or, maybe you changed the default keypad code to the four digit address of your building to make it easy to remember.
Very few business owners would be so naive with physical building security, but cybersecurity is a different story. Replace “building security system” with “small business network” and “keypad” with “router” and you would be describing the state of security for all too many small business networks.
Let’s take a look at the three most common network security holes and steps that you can take to plug them.
Many small business networks have out-of-date firmware, weak or default passwords and misconfigured firewalls.
#1: Out-of-Date Firmware
Hackers found a vulnerability in over one million Draytek routers last year that let them easily gain administrative access. They altered the DNS settings on these routers and maliciously redirected traffic intended for popular websites to fake websites designed to steal personal information — a practice known as phishing.
Most people know that computer software must be kept up-to-date to be secure, but few people realize that most hardware devices also require updates to their firmware. For example, if you’re using an affected Draytek router and haven’t updated the firmware, you could still be at risk for an attack.
Tripwire found that fewer than half of IT professionals had recently updated the router firmware in their own homes and only 32 percent knew how to do it. Most small businesses without dedicated IT personnel could be in even worse shape with outdated and insecure firmware with known vulnerabilities.
The good news is that many modern routers handle these updates for you. For example, Eero, Google Wifi and Luma take care of firmware updates on your behalf. Active Network Protection also includes automatic firmware updates, as well as automatic anti-malware and anti-virus updates.
#2: Weak or Default Passwords
The Remaiten Worm, or KTN Remastered, infected Linux-based routers in 2016 by connecting to random IP addresses and trying out commonly used credentials. Once the virus gained access, the routers were quietly used in distributed denial of service (DDoS) attacks against commercial websites.
These kinds of attacks are successful because of weak or default passwords being used on network equipment. Verizon’s Data Breach Investigations Report found that over 70% of employees reuse passwords at work and more than 80% of all hacking-related breaches occur due to weak or stolen passwords.
For routers, Avast found that more than half of people (51%) have never logged into their router’s administration panel — a prerequisite to change the username and password. While some router manufacturers have begun creating random defaults, these new best practices don’t help businesses using older routers.
The best way to prevent these issues, and the wider problem with weak passwords, is to implement a strong password policy across your organization. Start by creating a list of every password in your organization, and then, use a password manager.
#3: Misconfigured Firewall Rules
Firewalls are designed to block unauthorized access to an internal network while permitting outgoing communication. They block unused ports and monitor activity in open ports to identify malicious behavior, such as suspicious traffic or payloads. Some firewalls even provide first-line anti-virus and anti-malware protection.
IT professionals spend a lot of time worrying about vulnerabilities introduced by software vendors, but in some cases, user error is the biggest problem. According to Gartner, more than 95% of firewall breaches were caused by misconfigurations rather than software defects.
The most common mistakes included using a broad policy configuration or non-standard authentication mechanisms. In addition, some businesses enable dynamic routing and use ‘rogue’ DHCP servers to distribute IP addresses, which can lead to availability issues (from duplicate IP addresses) and potential security risks.
The best solution to these problems is to use a Unified Threat Management (UTM) firewall that’s both comprehensive and easy-to-configure. For instance, Active Network Protection includes an advanced built-in firewall that’s automatically configured and kept up-to-date over time.
How to Ensure You’re Protected
Many small businesses are busy enough trying to survive and grow without worrying about crippling cyber attacks, but that doesn’t mean that they can ignore cybersecurity.
The best way to prevent an attack is to establish security protocols and ensure that everyone is following them. For example, you may create a cybersecurity plan that provides guidance for everything from password policies to managing software updates.
It’s equally important to have the right software solutions in place that make compliance easier. For instance, a password manager designed for teams makes it much simpler to adhere to password best practices. Similarly, automated secure cloud backup services minimize the potential for data loss.
Jungle Disk provides a comprehensive cybersecurity suite that’s designed for small businesses with less than 250 employees. With a simple per employee per month pricing model, you’ll have access to everything you need to lock down your network without worrying about these common security holes.
The Bottom Line
Network security is an afterthought to many small business owners, but out-of-date firmware, weak passwords and misconfigured firewalls are the equivalent of leaving the front door unlocked at the office. The good news is that fixing these vulnerabilities isn’t as difficult as it might seem.
If you’re interested in a comprehensive and easy-to-use cybersecurity platform, get Jungle Disk fully supported by Modern Managed IT today!
