Internet Security for Small Business

Hi all,

I have a small business and I hold sensitive client information (I use Microsoft 365 and all data is on SharePoint and backed up to the cloud).

Currently the business is just me, but looking at hiring. I'm careful on things I click on and download, so just use Windows 11 Defender. Some employees may not be as vigilant, so I'm thinking if I need an extra layer of protection with a paid internet security package like Bitdefender.

I'm reading Defender with Malwarebytes Premium is a good combo. Or do I just go with Bitdefender Total Security (or the like) - a few forums talking about Russian influence on Kaspersky, so I may avoid it.

I (and future employees) use Outlook a lot, so email protection is a priority (for attachments and phishing).

Thanks in advance.

Comments

  • We went with Malwarebytes.

    Be sure to also set Outlook to show real sender address and move the column to the front. This helped a lot of my staff avoid fake emails.

    Also install ad blocker.

    A bit of common sense goes a long way too.

    • +3

      A bit of common sense goes a long way too.

      This. You can put in all the software you like, if your staff are going to fall for a phish, they'll fall for it.

      Personally, I'd get some software (i.e. Malwarebytes) but be more focused on training.

  • Depending on how much you want to spend!…
    Search / Google for UTM (Unified Threat Management Software). Some brands are Sophos, Fortinet, SonicWall etc.

  • We use Sophos at work but I use Malwarebytes for my home systems. Can definitely recommend Malwarebytes.

  • You should use the principle of least privilege, and only grant access to data and functions that the staff member needs to do their job.

  • +1

    Which M365 license do you use? M365 Business Premium now includes Defender for Business, https://www.microsoft.com/en-au/security/business/threat-pro….

    M365 Business Premium also includes advanced email protection that will scan attachments and links in emails before delivering to the user’s mailbox. It also includes a multitude of other security features to help you keep your org and data safe.

    As a recommendation - make sure you use the maximum of the products you already have before jumping to other services.

  • I have Microsoft 365 Business Standard.

    Some handy tips, thanks all.

  • Education around security is probably more important than having security or anti virus products, it is also important to have a good backup and disaster recovery process. I am not saying don't get them (av/anti spam etc), just that even with them you can still fall victim to phishing attacks, dodgy emails with dodgy attachments etc, even with the latest AV and spam filters because these emails and viruses etc are designed to get around the current applications, then when something new comes along the applications are then updated - but by then you could have already been hit.

    I worked at a large that spent a small fortune on this stuff and one day someone opened one of those "a parcel is waiting for you at Australia Post" emails that had gotten through the spam filter and didn't trigger the AV because it was 'new' and not in the current definitions, within minutes many gigabytes of data was encrypted, fortunately it was picked up straight away and the person responsible removed their computer from the network thinking they had opened a virus and data was able to be restored from backups etc. But it goes to show that educating users on what these things look like is really important - with better education they shouldn't have opened the email or the attachment.

  • +1

    Make sure your staff all have MFA set up on their accounts - it's an extra layer of defence in case someone does click the phish, or re-uses a password somewhere.

  • Look this up: "Tradies frustrated by banks as business email scam costs them $51,000"

    I didn't use the URL because you shouldn't click on them.

    Also have a look at Authy, a free mobile / desktop app for two-factor authentication.

  • +3

    Various people above have mentioned specific products from various vendors. Installing stock configured Anti-Virus (this will only protect you from lazy malware), not having 365 configured correctly and whatever other apps you use will leave you open to other issues, etc etc.

    There is a reason they talk about Defense in Depth regarding IT Security.

    You should work with an IT service provider to work through all of the things. There is a reason we hire accountants for accountant related things. Hire IT for IT things.

  • There are lots of software offering numerous security features and prices. It depends on your specific needs and also on your budget. Antivirus software is a big investment, especially if you opt for a premium package. Bitdefender and Kaspersky are quite different in their pricing. For Kaspersky Total Security you need to pay $89.99 to protect five devices, whereas Bitdefender Premium Security is $159.99 for ten devices. Both of these packages offer protection for a year, after which you can decide whether to renew.
