PaulDotCom mailing list archives
Re: Security Tips For The Small Business From 70, 000 Feet
From: Michael Dickey <lonervamp () gmail com>
Date: Sat, 20 Aug 2011 10:32:14 -0500
Nice job on that talk! Not sure how to tackle suggestions, so I'll just dig on in.

1. Backup provider - Given non-technical people, I might actually suggest picking up some external hard drives and copying data you can't live without losing onto it. Then store it somewhere safe, like a bank perhaps? And do your backups regularly. It isn't unacceptable to have an SMB CEO store it at home in a safe.

2. You mentioned WSUS (a bit technical), automatic updates (excellent!), and Secunia, and I'm not sure it gets better than that trio. For non-tech small business people, I might suggest finding or befriending a local technical person that you can buy beer for and give a small fee to for regular "check-ups," if you will. Check out software installed and update the important stuff like Adobe, browsers, plugins, etc. It can sort of be the equivalent of the neighbor kid mowing your lawn. Maybe someone in the local Geek Squad actually has some brains and wouldn't mind a little side job; same goes for those SMB IT guys your peers contract for the exact same purposes; not full time, but on call for needs.

3. Least Privilege - I like this bullet in your talk as a concept, but I think talking about running as non-admin on systems is asking a lot from small business folks. It's nice to mention, but I think just emphasizing the concept of least privilege access is important, such as to computers, data, internal apps, keys your employees use, and so on.

4. Encryption - A bit heavy for non-technical. Local disk encryption is important, but again heavy and might get back to taking on an on-contract IT guy for just a bit of one-time help.

5. Network restrictions / Firewalls - Again, a bit heavy, but I like that you blended in wireless access points, although diving into WEP/WPA/wardriving got heavy quick. Just being aware that wireless does not equal private is an important point to make.

6. Password choice, reuse - I love this point, and it aligns with broader "practice safe computing habits online" strokes. Also, don't share passwords. SMBs learn this the hard way with terminated employees who end up keeping access. You don't let them keep door keys on termination, do you?

7. Data removal - I saw this on your slides, and I'd think it's a bit heavy.

On Sat, Aug 20, 2011 at 9:06 AM, Adrian Crenshaw <irongeek () irongeek com> wrote:
A little while back Joe Hollingsworth and I were interviewed for an article in the Southern Indiana Business Source. The local Kiwanis club asked for a 25 min talk on the subject of the article, so we came up with this mandate: Given only 25 minutes, tell us what a small business could do to help their security posture. Well, it ended up being almost 40min and we did not get through all of the slides. The live video camera failed, so the audio in this video is what the laptop recorded.

http://www.irongeek.com/i.php?page=videos/security-tips-for-the-small-business-from-70000-feet

I'd like some suggestions in case we do the talk again. I think I'd like to expand on:

1. Who to use as a backup provider, or good recommendations for doing it yourself.
2. 3rd party patch management solution recommendations.

Ideas?

Thanks,
Adrian

--
"The ability to quote is a serviceable substitute for wit." ~ W. Somerset Maugham

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com