Information Security White Paper

Internet technology and networking have been providing a wide range of options for the growth and success of small businesses for many years. However, these same modern technologies also contain risks that can have devastating effects on an entire enterprise. Network attacks are not only common to big businesses, but to small businesses, too. And because most small companies operate their own network security, they often are not even aware that they have been attacked, or simply react to the occasional virus or damage done to their website hoping it won’t happen again. The simple fact is that most small businesses have neither the necessary time nor resources to spend on network security. The aim of this document is to highlight the need to protect your business computer systems against a wide range of security threats, explain the fundamentals of information and computer security, and recommend a solution for insider theft of intellectual property.

It is estimated that only 53 percent of firms check their computers on a weekly basis to ensure their anti-virus, anti-spyware, firewalls, and operating systems are up-to-date, and 11 percent never check them at all (Charter Communications, 2011). These unguarded systems are an easy target for cyber criminals, competitors, or even unscrupulous employees to exploit. To combat such foes, businesses must address vulnerabilities both on the technical side and on the human side. On the technical side, businesses must implement simple processes to secure technologies such as web servers, e-mail servers, databases, firewalls, routers, embedded network devices, internal networks, remote access, custom applications, software, backup and storage areas, as well as voice communication such as telephones (Charter Communications, 2011). In regards to the human side, organizations must secure their physical infrastructure, employee accesses and permissions, and connections to business and corporate partners (Charter...