• CONTACT US
• CLIENT LOGIN
• COMPANY
  • Company Overview
  • List of Locations
    • Western
      • Denver
      • Los Angeles
      • Orange County
      • Phoenix
      • Sacramento
      • San Diego
      • San Francisco Bay Area
      • Seattle
    • Central
      • Chicago
      • Dallas
      • Houston
      • Minneapolis
      • St. Louis
    • Eastern
      • Atlanta
      • Boston
      • Miami
      • New Jersey
      • New York
      • Philadelphia
      • Washington DC
  • Mission & Values
  • Management Team & Board
  • Careers
    • Careers Overview
    • Hiring Heroes
    • A Day in the Life
    • Job Opportunities
    • Benefits
    • Partner with Us
  • News and Press
  • Contact Us
  • Client Remote Support
• PARTNERS
  • All Covered Partnerships
  • Referral Partners
  • Technology Partners
  • I'm Interested!
• LEARNING CENTER
  • Learning Center Overview
  • Events
  • Newsletters
• SERVICES
  • Overview
  • Opting for All Covered
  • Our Approach
  • All Covered Care Overview
    • All Covered Care
      • Remote Monitoring
    • All Covered Security
    • All Covered Backup
    • All Covered Procurement
  • Enhancement Services Overview
    • Strategic Planning
    • Desktop Support
    • Staff Augmentation
    • Key Technologies
  • FAQs
  • IT Savings Calculator
• TECHNOLOGY
  • Technology Overview
  • IT Security
  • Mobility
  • Microsoft
    • MS Vista
    • MS Server Products
  • Connecting Remote Locations
  • Emerging Technologies
  • Topics on Technology
• BUSINESS CHALLENGES
  • Overview
  • Growing your Business
  • IT Strategic Planning
  • Increasing Productivity
  • Complying With Regulations
  • Coping with Changes
  • Business Continuity Planning
  • Client Case Studies
    • IT Services for Architects
    • IT Services for Construction
    • IT Services for Engineering
    • IT Services for Financial Services
    • IT Services for Legal
    • IT Services for Manufacturing
    • IT Services for Multi-Location
    • IT Services for Non-Profit

Technology > Security > Defense in Depth Reference Guide

Defense in Depth Reference Guide

Security Strategies to Protect Small Business

Defensive Layer 1: Blocking Attacks – Network Based

 

1. Firewalls (Must Have)
   • Firewalls:
     • PIX firewall
     • SonicWall

      

2. Secure Email – Anti-Virus and Anti-Spam (Must Have)
   • Remote protection
     • All Covered Email Protection
   • Localized Protection
     • Symantec AntiVirus Gateway Solution
     • Trend Micro™ InterScan VirusWall
     • McAfee Secure Web Gateway

      

3. Secure Web Filtering (Should Have)
   • WebSense
   • Surf Patrol from Vantage Software
   • eTrust® Secure Content Manager from CA
   • SonicWall Content Filtering Service

    

4. Discovery and Mitigation (Should Have)
   • Quarterly scan and assessment of the network for vulnerabilities and exploits
   • MBSA
   • HFNetcheck
   • Languard

    

5. Intrusion Prevention (IPS) (Enhancement)
   • SonicWall and PIX firewalls
   • MyTek Managed Security

    

6. Intrusion Detection (IDS) (Enhancement)
   • MyTek Managed Security
   • Juniper Networks IDP 50
   • Snort

    

7. Managed Security Services (Enhancement)
   • MyTek Managed Security

    

Defensive Layer 2: Blocking Attacks – Host Based

 

1. Personal Anti-virus (Must Have)
   • Symantec Anti-Virus
   • McAfee Anti-Virus
   • Trend Micro

    

2. Spyware Removal (Must Have)
   • Spysweeper from Webroot
   • Adaware from Lavasoft
   • Spybot search and destroy from Safer Networking
   • Windows® Defender (Beta 2) from Microsoft

    

3. Personal Firewalls (Should Have)
   • Windows XP SP2 Firewall
   • ZoneAlarm Pro from Zone Labs
   • Black Ice defender from Internet Security Systems

    

4. Host Intrusion Prevention System (Enhancement)
   • Symantec Critical System Protection
   • McAfee Host Intrusion Prevention for desktops and servers
   • Blink® Endpoint Vulnerability Prevention from Eeye digital security
   • Cisco Security Agent

    

Defensive Layer 3: Eliminating Security Vulnerabilities

 

1. Patch and Configuration Management and Compliance (Must Have)
   • WSUS from Microsoft
   • MBSA from Microsoft
   • HFNetChkPro from Shavlik

    

2. Vulnerability Management and Penetration Testing (Should Have)
   • MyTek Managed Security
   • Core Impact from Core Security Technologies
   • Languard Security Scanner
   • Nessus

    

Defensive Layer 4: Safely Supporting Authorized Users

 

1. Strong Passwords (Must Have)
   • Password cannot be based on or contain the user's account name
   • Must contain at least 8 letters
   • Must contain digits and punctuation characters (%,$,@, etc.)
   • Mandatory password change every 90 days
   • Passwords can't be reused for 270 days or longer
     
     
2. File Encryption (Must Have)
   • Windows XP Encrypting File System (EFS)
   • TrueCrypt open-source disk encryption software for Windows XP/2000/2003 and Linux
   • BestCrypt v.7 for Windows from Jetico
     
     
3. Virtual Private Networks (VPNs) (Should Have)
   • Hardware to Hardware (home office firewall)
   • Software to Hardware (VPN client)

 

4. Secure Remote Access (Should Have)
   • Citrix
   • Microsoft Windows Terminal Services
   • Microsoft Windows XP Remote Desktop

    

5. ID & Access Management (Enhancement)
   • RSA SecurID® hardware tokens
   • Enterprise Access Cards by ActivIdentity

    

Defensive Layer 5: Tools to Minimize Business Losses and Maximize Effectiveness

 

1. Back-Up (Must Have)
   • Backup Exec from Veritas
   • Symantec Livestate Recovery Server with Restore Anywhere
   • ArcServe from Brightstore
   • Retrospect from EMC Insignia

    

2. Security Skills Development (Must Have)
   • Localized Security Seminar
   • Lunch and learn events

    

3. Log Management (Should Have)
   • Kiwi Syslogger
   • Mytek Managed Security

    

4. Regulatory Compliance Tools (Enhancement)
   • NetChk™ Compliance from Shavlik
   • Compliance solutions from NetIQ

To ensure protection in the small business environment it is critical to implement solutions at EACH Layer to provide overlapping protection.