Welcome the audience and thank them for coming. Introduce self. Briefly overview what the presentation is about (“How big a problem is Internet security for your business and what you can do about it.”) GENERAL NOTES: Text in double quotes (“text”) are suggested wordings for delivering the information on the slide. Text in square brackets ([text]) are stage directions and not meant to be repeated aloud.
Before starting the introduction – get to know your audience by asking the following questions: Size How many have 1-5 employees? How many have 6-10 employees? How many have 10-20 employees? Greater than 20 employees? No employees? Size of computer network? How many of you have computers connected on a network? Have a file server and/or an email server? How many of you have a wireless network? A virtual private network? How many of you either work remotely or have employees who work remotely, and exchange files with onsite employees? What did you come here to learn about today – any specific concerns that we should address as we go through the presentation? Deirdre – will write down the list as you go….
“ Raise your hands if you had an e-mail address in 1995.” “ Now, keep your hands raised if you had web access in 1995.” “ Now, keep your hands raised if you had a business website in 1995.” [Comment on how few hands are up.] [Continue by reading off the figures for current email addresses, web use, and business websites.] “ The Internet has changed business dynamics forever .”
“ I don’t have to tell you that computer security Risks are on the rise, but here are some ways that you might not have known can lead to security problems.” [read down list] “ With all these risks, the security of your business is up to YOU.”
(Hesham – all this content is from the report including the reasons why these assaults are so costly.) Since August 2003, 4 of the top 5 most financially damaging assaults have occurred. Why? Continual sophistication of malicious code Use of blended attack methods Volume of new attacks increasing Organizations lack of security
“ One important thing to understand is that there are many different kinds of Risks out there. Let’s break these Riskss into three categories: Malicious code, Hackers, and Time wasters. We’ll define each of these some more.” [read list]
“Malicious code can take one of three forms, a virus, a worm or a Trojan horse” [Read definitions for each] Sharing Experience from the audience
“We all know about hackers from the news media. Here are some of the things they can do to a business.” [read list and definitions] Sharing Experience from the audience
“Finally, there are time wasters. These may seem trivial, but we’ll discuss in a moment why you should guard against these just as you would malicious code or hackers.” [read list and definitions] Sharing Experience from the audience
This graph shows (a) the evolution of computer virus/worm threats with respect to their speed of replication (blue line) and (b) the evolution of antivirus technology with respect to the speed of response (red line). The horizontal axis is measured in years, from 1990 to 2005. The vertical axis actually shows two different sets of times (both have the same time scale as indicated on the left-axis). The left vertical axis (blue text), shows how long it takes for a malicious code to reach “contagion” status, where it has infected a critical number of the vulnerable machines. The right vertical axis shows how long it takes to provide a signature for a malicious threat. CLICK : You can see how malicious code has evolved from slow-spreading program viruses to ultra-fast spreading flash worms. The point at which the curve drops sharply, between network worms and flash worms, is the inflection point where these threats can no longer be adequately prevented with traditional security technology.
Here was have some statistics showing how the rate of spread of computer worms has grown. The high-profile Code Red threat, released in mid-2001, doubled its infection rate every 37 minutes. Less than two years later, the Slammer worm, released in January of 2003, doubled its infection rate every 8.5 seconds! At this rate, Slammer was able to infect 90% of unprotected servers across the Internet in just 10 minutes. Many of the fastest-spreading threats exploit known vulnerabilities or “holes” in the operating system which have been publicly announced. The time between the announcement of a known vulnerability and the release of a threat targeting that vulnerability is also diminishing. During the summer of 2003, the Blaster threat was released just 27 days after the associated vulnerability was announced, the shortest such time period ever. As this time period shrinks in the future, industry’s ability to respond will be increasingly difficult. Finally, the recent MyDoom worm infected email systems across the world – at its peak, 1 out of every 12 emails on the Internet carried MyDoom. Clearly, the newest threats are spreading orders of magnitude too fast for any response-based security mechanism to stop. And the threats of the future could make even Slammer seem slow by comparison. We need to find fundamentally new ways to stop the bullet. Code Red, Slammer references:http://news.com.com/2009-1001-983540.html Blaster reference: Symantec Internet Security Threat Report MyDoom reference: http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci946423,00.html
“Now let’s talk about some simple, effective measures that you can take right now. We’ll start with some security software ideas.” “We’ve talked about antivirus software. But have you put it on all of your computers? Even one unprotected computer can cause problems. Have you checked for new virus definitions--these are profiles of new and evolving viruses--lately? You should do it daily or have the automatic update setting on. You should also scan the system weekly.” “As we mentioned previously, firewall software should go up not only on your router, but also on each desktop, laptop, and server. You may also want to think about a firewall hardware or “appliance”: some firewall appliances also contain other helpful security features, such as VPN or intrusion detection.” “Keep an eye out for security updates for software that you have installed. You need to install patches and fixes ASAP. Also use the latest operating systems for all of your equipment. The latest systems tend to get the most updates and are usually the most virus-resistant to begin with.” “In addition to addressing software, you should be thinking about how you handle computer security.” “You should use strong passwords for password-protected data. By strong passwords, I mean passwords with at least eight characters including letters, numbers, and symbols like the dollar sign or percent symbol.” “Also, be careful when you open your e-mail If you use Microsoft Outlook, Outlook Express or some other programs, you should disable the preview pane that shows you what’s in the e-mail before you open it.” “Before you open an attachment, even if it’s from a known source, think about it. Does the attachment have a strange extension, those three letters AFTER the period? Don’t open it, ESPECIALLY if the extension is EXE. This is an application. Unless you know EXACTLY what this application does, it could cause a lot of problems.” “Don’t open junk mail. This is a common method of intrusion.” “If you open an unsolicited email and it offers you a link to unsubscribe, DON’T. That’s often a trick that hackers use to determine if they’ve reached a valid e-mail address.” “Some of you may have heard recent news reports about phishing. This is when a hacker poses as a legitimate company, such as your bank. They ask you for personal information such as your social security number. If you get a request for personal information from a legitimate company, we encourage you to call them and see if they sent the message.”
“Some more security practices.” “Be careful when you surf. Enable the security settings in your browser. In Microsoft Internet Explorer, there’s an item labeled ‘Internet Options’ on the ‘Tools’ menu. Set your browser to a high security setting.” “Don’t give up personal information to a website unless you see that the site is encrypted. Look for a small padlock or key icon in the browser’s toolbar.” “Don’t click on pop-up ads.” “Make sure you back up your data. For really critical data, back it up daily, whether to a CD-ROM or DVD-ROM or some kind of tape system.” “Lastly, back up other data on a regular basis so that if trouble happens, you’ll be able to keep on going with a minimum of disruption.” “As we said, remote and wireless connections are especially vulnerable. Here are some things you can do to minimize risk.” “For people who connect to the office network from the outside, require the use of VPN, a Virtual Private Network. With a VPN, hackers can’t exploit a hole in network.” “Your remote users should be using antivirus software and personal firewall software on their machines as well. You might want to require that they have these set up before you grant them remote access.” “You can also use a VPN to secure the connection between the wireless and wired network.” “That wired router may require a firewall of its own.” “For encryption, enable the wireless security protocol. WPA is currently the security standard and we recommend using it. The old standard, WEP, is not nearly as secure. Try to use WPA.” “Again, wireless access should require a strong password.” “One thing that certainly hasn’t changed with the times is good, old-fashioned theft. People can still walk off with equipment if it isn’t bolted down, so make sure that you secure portable electronics with cable locks and don’t leave them unattended.” “Most operating systems give you the option of locking the screen when you walk away and requiring a password to get back in. We recommend using that feature.” “Keep track of who has keys or access to equipment.” “Remember those back-ups we suggested you make? Keep ‘em offsite in a secure location.” “Lastly, a burglar alarm for your business is often a good idea.”
“Thanks so much for attending this presentation.”
1. Securing Your Small Business Network
2. <ul><li>Introduction </li></ul><ul><li>Types of Online Risks </li></ul><ul><li>Small Business Network Vulnerabilities </li></ul><ul><li>Calculating the Impact </li></ul><ul><li>Recommended Security Practices </li></ul><ul><li>Overview of Symantec Solutions </li></ul>Agenda 1 2 3 4 5 6
3. The Internet Has Changed Business Forever <ul><li>Turn back the clock 10 years… </li></ul><ul><ul><li>Did you have an email address? Web access? A Web site? </li></ul></ul><ul><li>The Internet has redefined business dynamics </li></ul><ul><ul><li>48% of small businesses in the U.S. have Web sites </li></ul></ul><ul><ul><li>163 million Americans have an email address </li></ul></ul><ul><ul><li>185 million Americans use the Internet </li></ul></ul><ul><li>The good news is that you can: </li></ul><ul><ul><li>Gather information more quickly </li></ul></ul><ul><ul><li>Increase communications with your customers/vendors </li></ul></ul><ul><ul><li>Transact business more efficiently </li></ul></ul>Sources: Pew Internet Survey 2004, Computer Industry Almanac, 2004 Kelsey Group, 2004
4. The Bad News: Computer Security Risks <ul><li>Did you realize that you open your business to potential risk whenever you… </li></ul><ul><ul><li>Download something from the Web? </li></ul></ul><ul><ul><li>Open an email attachment? </li></ul></ul><ul><ul><li>Leave your computers connected to a broadband connection? </li></ul></ul><ul><ul><li>Insert removable media (CD-ROM, DVD-ROM, flash drive) into one of your business’s computers? </li></ul></ul><ul><ul><li>Access the Internet wirelessly? </li></ul></ul><ul><ul><li>Let a guest user onto your business network? </li></ul></ul>The security of your business is up to YOU!
5. The Impact of Poor Security <ul><li>Over $11 billion in damages worldwide </li></ul><ul><ul><li>Between just a few months: Feb. 2004 and May 2004 </li></ul></ul><ul><ul><li>From just MyDoom, Netsky, Bagel, and Sasser virus outbreaks </li></ul></ul>Source: Computer Economics, Inc. June 2004
6. The Impact of Poor Security <ul><li>U.S. CSI/FBI Survey (among 269 respondents) * </li></ul><ul><ul><li>Estimated total loss of $141 million due to virus outbreaks in 2003 </li></ul></ul><ul><ul><ul><li>19% in small businesses with <100 employees </li></ul></ul></ul><ul><ul><li>$524K average loss per respondent </li></ul></ul><ul><ul><li>Attack types and percent experiencing them </li></ul></ul><ul><ul><ul><li>Virus outbreaks 78% </li></ul></ul></ul><ul><ul><ul><li>Internal abuse of Web access 59% </li></ul></ul></ul><ul><ul><ul><li>System penetration 39% </li></ul></ul></ul><ul><li>An estimated 57MM Americans have received emails from “phishers” (Gartner, May 2004 survey) </li></ul><ul><ul><li>Cost of phishing attacks to U.S. banks in 2003 $1.2b (Symantec) </li></ul></ul>* Source: CSI/FBI Computer Crime and Security Survey, 2004
7. What Are You Up Against? Types of Risks <ul><li>Malicious Code </li></ul><ul><ul><li>Worms, Viruses, Trojan Horses </li></ul></ul><ul><li>Hackers </li></ul><ul><ul><li>Information theft/Privacy Violations, Spyware, Phishing, Denial of Service, Application Vulnerabilities </li></ul></ul><ul><li>Time Wasters </li></ul><ul><ul><li>Adware, Spam Email, Popup Ads, Data Loss </li></ul></ul>
8. What Are You Up Against? Malicious Code <ul><li>Virus </li></ul><ul><ul><li>A malicious program that attacks PCs and Macs by infecting other files on the computer </li></ul></ul><ul><li>Worm </li></ul><ul><ul><li>A malicious program designed to spread itself to as many other computers as possible via the Internet, sometimes taking over the victim’s email address book </li></ul></ul><ul><li>Trojan Horse </li></ul><ul><ul><li>A malicious program that pretends to be a useful or friendly program, such as a screen saver, game or other type of utility </li></ul></ul>Source: SecurityFocus The “Blaster” worm alone inflicted $1.3 billion in damage to U.S. Businesses in 2003
9. What Are You Up Against? Hackers <ul><li>Privacy Violations </li></ul><ul><ul><li>Intrusions into your business’s computer systems for personal information belonging to you, your company or your customers, often credit card numbers </li></ul></ul><ul><li>Spyware </li></ul><ul><ul><li>Small applications that monitor your Web usage and report it to a marketing service </li></ul></ul><ul><ul><li>Key stroke loggers that capture data and steal passwords </li></ul></ul><ul><li>Phishing </li></ul><ul><ul><li>Fraudulent schemes in which a hacker pretends to be a legitimate company or authority to get you to reveal personal information willingly </li></ul></ul><ul><li>Denial of Service </li></ul><ul><ul><li>An attack that ties up a Web server so that your customers, vendors, and partners can’t access your site </li></ul></ul>Source: CSI/FBI Computer Crime and Security Survey, 2004 70% of businesses reported at least one security breach from external sources this year
10. What Are You Up Against? Time Wasters <ul><li>Adware </li></ul><ul><ul><li>Software that displays banner ads even when the host computer is not connected to the Internet </li></ul></ul><ul><li>Spam, Popup Ads </li></ul><ul><ul><li>Spam email: unsolicited email, often sent under false pretences </li></ul></ul><ul><ul><li>Popup Ads: ads that open in a new browser window on top of the Web page you were viewing </li></ul></ul>Source: Symantec/Brightmail, 2004 As much as 65% of all email traffic in 2004 is spam
11. Evolution of Virus/Worm Threats <ul><li>We’ve reached an inflection point where the latest threats now spread orders of magnitude faster than our ability to respond with traditional technology </li></ul>months days hrs mins secs Contagion Period 1990 Time 2005 Program Viruses Macro Viruses E-mail Worms Network Worms Flash Worms Contagion Period
12. Threat Sophistication Code Red doubled its infection rate every 37 minutes. Slammer doubled every 8.5 seconds, and infected 90% of unprotected servers in 10 minutes! At its peak, 1 out of every 12 emails was infected with MyDoom! Blaster razed networks just 27 days after the vulnerability was publicly disclosed!
13. Understanding Your Vulnerabilities Internet Gateway
14. Understanding Your Vulnerabilities File Server / Mail Server
15. Understanding Your Vulnerabilities Desktop
16. Understanding Your Vulnerabilities Remote Users
17. Calculating the Impact on Your Business <ul><li>How to calculate the cost of a virus infecting your network and damaging your information </li></ul><ul><ul><li>List the number employees in your business </li></ul></ul><ul><ul><li>Calculate an average hourly compensation per employee </li></ul></ul><ul><ul><li>Think about what files and work might need to be re-created after a loss: customer database, client reports, project files, and schedules, contracts, etc. </li></ul></ul><ul><ul><li>Estimate the amount of time required to re-create lost databases, financial files, and other work per employee </li></ul></ul><ul><ul><li>Multiply the time required by the number of employees affected by the average hourly compensation </li></ul></ul><ul><ul><li>This is the cost of one virus damaging desktop files one time only – It doesn’t include the cost to have your software or hardware professionally repaired or replaced. </li></ul></ul>
18. Calculating the Impact on Your Business $10,500 Annual Cost to Business ($875/person x 12 = $10,500 ) $875 Annual Cost to Business / Worker ( 35 hours x $25/hr = $875 ) 35 hours Total Annual Hours / Person ( 20 + 15 = 35 ) 15 hours Viruses: Annual Downtime / Person 20 hours Spam: Minutes Each Day / Person: 5 Hours Each Year / Person: 5 x 4 = 20 $25.00/hour Average Hourly Wage 12 Number of Employees
19. Recommended Security Practices <ul><li>Prevent infection with antivirus software </li></ul><ul><ul><li>Install antivirus on all desktops, laptops, and servers </li></ul></ul><ul><ul><li>Check for virus definitions daily or set for automatic updates </li></ul></ul><ul><li>Stop intruders with a firewall </li></ul><ul><ul><li>Use a firewall on all desktops, laptops, and servers </li></ul></ul><ul><li>Stay on top of security updates </li></ul><ul><ul><li>Deploy security patches and fixes as soon as they are available </li></ul></ul><ul><ul><li>Use the latest operating system versions </li></ul></ul><ul><li>Create strong passwords and change them frequently </li></ul><ul><ul><li>Don’t allow Web browsers to remember passwords/private data </li></ul></ul><ul><li>Open email responsibly </li></ul><ul><ul><li>Scrutinize attachments before opening them; avoid ones with unusual extensions </li></ul></ul><ul><ul><li>Don’t open or reply to unsolicited mail </li></ul></ul>
20. Recommended Security Practices, cont. <ul><li>Browse the Web with caution </li></ul><ul><ul><li>Don’t ever give personal information to a Web site unless you see a small padlock or key icon in the browser’s toolbar </li></ul></ul><ul><ul><li>Don’t type confidential information in Instant Messaging/Chat programs </li></ul></ul><ul><li>Back up regularly </li></ul><ul><ul><li>Back up vital data daily and store critical backups offsite </li></ul></ul><ul><li>Make remote connections secure </li></ul><ul><ul><li>Require remote users to use antivirus and firewall software </li></ul></ul><ul><ul><li>Use a Virtual Private Network (VPN) </li></ul></ul><ul><li>Lock down wireless networks </li></ul><ul><ul><li>Install a firewall at the wireless access point </li></ul></ul><ul><li>Ensure the physical security of your equipment </li></ul><ul><ul><li>Never leave wireless devices unattended </li></ul></ul><ul><ul><li>Use the screen locking feature when you leave your computer </li></ul></ul>
21. Symantec Small Business Product Line Desktop and Server Protection Desktop Protection Point Products Suites/Integrated Additional Tier
22. Who is Symantec? <ul><li>Global leader in information security </li></ul><ul><ul><li>#1 global leader in antivirus and antispam software* </li></ul></ul><ul><li>Offers a broad range of software, appliances, and services for: </li></ul><ul><ul><li>Home and home office </li></ul></ul><ul><ul><li>Small and mid-sized businesses </li></ul></ul><ul><ul><li>Large enterprises </li></ul></ul><ul><li>Operating in over 35 countries worldwide </li></ul><ul><ul><li>Insight from monitoring a sensor network of more than 20,000 corporate customers, and millions of personal PCs </li></ul></ul><ul><li>* * Sources: IDC – Secure Content Management 2004-2008 Forecast Update and 2003 Vendor Shares; Aug 2004 </li></ul><ul><li>Worldwide Antispam Solutions 2004-2008 Forecast and 2003 Vendor Shares December 2004 </li></ul>