How Should Startups Get Their Business to Succeed in Security

Posted in Business, Cybersecurity, Insights, Tips

One of the effects of the pandemic has been a marked increase in the number of small startup businesses, often operated from home. They are sometimes called “Small Office, Home Office” or SOHO businesses, and need a simple computing infrastructure.

The work from home environment is becoming increasingly common. Small startups use their own SOHO networks or personal devices to reach networks operated by corporate customers or principals. This can reduce operational costs and increase productivity but, on the downside, it opens up new opportunities for cybercriminals to use home and small business networks as gateways to corporate networks.

Startup business networks face the same business security threats as do larger networks but tend to have limited resources and budgets to spend on IT hardware, software, maintenance and support.  In most cases, the business systems are installed and administered by the business owner, who does not want to spend time on solving business security problems with a possibly complex IT infrastructure.  It would be a wise investment to have a security professional set up the startup network.

Today, a typical startup network will be based on a WiFi infrastructure rather than a cabled solution. WiFi is more flexible and, with a mesh environment, minimizes the amount of cabling and network hardware needed. If we approach the design of a startup network to build in as much business security as possible from the start, that goes a long way to removing one area of concern from the new business owner.

If we discount the physical threats of theft and damage to equipment, the threats faced by startup networks are, by and large, the same as those faced by their larger cousins: external and internal unauthorised access to systems and data, malware (including spyware), and direct hacking attacks.

Potential Threats and Counter Measures

  1. Default Configurations

    Network equipment like routers and switches comes with a default configuration, including access credentials. The credentials are well known and can be found on the Internet, or easily guessed, often admin/admin or admin/1234. The first and vital step is to change those default configurations, and to continue to do so regularly. Many network audits have found that this simple and vital security measure isn’t carried out.

    In the case of network switches and routers, it is usually possible to physically reset the device to a default configuration, including management credentials.  Switches should be kept in a locked cabinet or secure location. SOHO WiFi routers need special consideration. Many authorities consider them the most likely subject of a malicious attack because they are easily hackable, particularly if the default configuration isn’t changed.  If affordable, use an enterprise router with inbuilt security instead.

    A WiFi network is identified by its SSID, which most default configurations broadcast. To stop smart devices and potential hackers from seeing your network, switch off SSID broadcasting and switch on network security. Network security should be AES-backed WPA2, with a pre-shared key of at least 26 characters. Turn off WPS.

    A second thing to do is to change the default address range. Most default configurations will have DHCP enabled with a default address range starting at a router address of 192.168.0.1 or 192.168.1.1. Change that to an address range starting at 10.x.y.z.

    Finally, on the subject of routers, many routers, including WiFi routers, have an embedded web server. Changing the router address from the default will hide the router from most scanners, and prevent hackers from being able to mount attacks against it.
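
The checklist in this section can be turned into a repeatable audit. The following is an added example, not part of the original article: it checks a router settings export against the items above. The key=value export format, the setting names and the sample values are constructed assumptions, since real routers export settings in vendor-specific formats.

```python
import ipaddress

# Constructed sample: key=value settings export from a hypothetical SOHO router.
SAMPLE_EXPORT = """\
admin_user=admin
admin_password=admin
ssid_broadcast=on
wifi_security=WPA2-PSK
wifi_cipher=TKIP
wifi_psk=officewifi2020
wps=on
lan_ip=192.168.1.1
"""

DEFAULT_CREDENTIALS = {("admin", "admin"), ("admin", "1234")}  # pairs named above
MIN_PSK_LENGTH = 26
PRIVATE_10 = ipaddress.ip_network("10.0.0.0/8")

def parse_export(text):
    """Turn key=value lines into a dict, skipping blanks and # comments."""
    settings = {}
    for line in text.splitlines():
        if "=" in line and not line.lstrip().startswith("#"):
            key, value = line.split("=", 1)
            settings[key.strip().lower()] = value.strip()
    return settings

def audit(settings):
    """Return one finding per checklist item the settings fail."""
    get = lambda key: settings.get(key, "")  # absent keys read as empty strings
    try:
        lan_ok = ipaddress.ip_address(get("lan_ip")) in PRIVATE_10
    except ValueError:  # missing or malformed address
        lan_ok = False
    checks = [
        ("default admin credentials still set",
         (get("admin_user"), get("admin_password")) not in DEFAULT_CREDENTIALS),
        ("SSID broadcast enabled", get("ssid_broadcast").lower() == "off"),
        ("WiFi security is not WPA2", get("wifi_security").upper().startswith("WPA2")),
        ("WiFi cipher is not AES", get("wifi_cipher").upper() in ("AES", "CCMP")),
        ("pre-shared key shorter than 26 characters", len(get("wifi_psk")) >= MIN_PSK_LENGTH),
        ("WPS enabled", get("wps").lower() == "off"),
        ("LAN address is not in 10.0.0.0/8", lan_ok),
    ]
    return [finding for finding, passed in checks if not passed]

if __name__ == "__main__":
    for finding in audit(parse_export(SAMPLE_EXPORT)):
        print("FAIL:", finding)
```

Running it after every configuration change or firmware update catches settings that a factory reset has silently reverted.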

  2. No rogue devices

    It wouldn’t be the first time that a network user has plugged their own network device into a work network without the knowledge of the network admin or the IT department. These devices will appear as “rogue” or “unknown” devices on a network map. They must be removed immediately.
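
One way to spot such devices, as an added example that is not part of the original article: compare the router's DHCP leases against an inventory of approved MAC addresses. The dnsmasq lease-file layout is an assumption about the router's DHCP server, and the inventory and all addresses are constructed.

```python
# Constructed inventory of approved devices (MAC address -> description).
INVENTORY = {
    "3C:52:82:11:22:33": "owner laptop",
    "b8-27-eb-44-55-66": "office printer",
}

# Constructed sample in dnsmasq lease-file layout: expiry mac ip hostname client-id
SAMPLE_LEASES = """\
1735689600 3c:52:82:11:22:33 10.20.30.11 owner-laptop 01:3c:52:82:11:22:33
1735689600 b8:27:eb:44:55:66 10.20.30.12 printer *
1735689600 00:1d:0f:77:88:99 10.20.30.40 * *
1735689600 da:a1:19:0a:0b:0c 10.20.30.41 phone *
"""

def normalize_mac(mac):
    """Keep only lower-case hex digits so 'AA-BB-..' and 'aa:bb:..' compare equal."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError(f"not a MAC address: {mac!r}")
    return digits

def is_locally_administered(mac):
    """True when bit 0x02 of the first octet is set, as in randomized 'private' MACs."""
    return bool(int(normalize_mac(mac)[:2], 16) & 0x02)

def find_unknown_devices(lease_text, inventory):
    """Return every leased device whose MAC is not in the approved inventory."""
    known = {normalize_mac(mac) for mac in inventory}
    unknown = []
    for line in lease_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip blank or truncated lines
        _expiry, mac, ip, hostname = fields[:4]
        if normalize_mac(mac) not in known:
            unknown.append({"mac": mac, "ip": ip, "hostname": hostname,
                            "randomized": is_locally_administered(mac)})
    return unknown

if __name__ == "__main__":
    for device in find_unknown_devices(SAMPLE_LEASES, INVENTORY):
        print("UNKNOWN:", device)
```

A device flagged as `randomized` may be an approved phone or laptop using a private WiFi address, so confirm with its owner before treating it as rogue.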

  3. Internal attacks

    Internal issues include theft of data and the unintended introduction of malware.

    Server software and most application software have default users with default administrative access. Again, these users must either be changed, or new admin users created and the defaults removed. Users should be limited to only those features and functions needed for them to carry out their jobs.

    Most malware attacks are initiated through user action or inaction. The FBI has estimated that over 80% of all malware attacks are initiated between the keyboard and the chairback.

    Any basic configuration must include properly configured and up-to-date anti-malware software for both email and Internet access protection.

    Basic education for users on how to detect potential malware, for example phishing attempts, is essential. IT security for startups is something for which a startup should budget, including expert advice and support. Basically though, keep it simple.

