Web Security, Internet Filtering and Internet Security Software

The United States is home to more than 23 million small businesses — and of those, a growing number of their computers are unknowingly compromised by Web-based security attacks or worse, part of botnet "herds."

Experts say that there are actually tens of millions of computers that are affected by botnets and that number continues to grow.

Q&A with Leo Cole
Vice President of Marketing, Websense, Inc.

Q: What type of information security threats should SMBs be most concerned with?

A: One type of threat to be concerned with are bots, which are software that allows a computer system to be remotely controlled without the knowledge of the computer’s owner. A botnet is a network or group of computers controlled by a bot master. Once the bot master has control, they are able to commit fraudulent activities such as sending out SPAM and malicious code as well as stealing personal information. With limited IT resources, it's next to impossible to know whether or not a machine has been integrated into a botnet.

Q: Most SMBs have anti-virus and firewalls; aren’t they already protected?

A: No. According to the 2006 CSI/FBI Computer Crime and Security Survey, even though 97 percent of organizations have antivirus and 98 percent have firewalls, 65 percent of companies were still hit by viruses. While antivirus and firewalls are still an important component of network security, SMBs should not be lulled into a false sense of security.

Websense Express Spotlight

“…Of all the business Web content-filtering solutions I’ve ever evaluated, this could be the easiest to install, configure, and understand reports from. Any small to medium business with a single administrator would do well to choose Websense Express for its Internet filtering needs.”

Matthew Sarrel, PC Magazine Contributing Editor

Read the product review

Q: Why aren’t these traditional approaches effective anymore?

A: With antivirus and spyware technologies, a user must first identify the malicious software and then create a solution. This approach generally takes too long, and as a result, the malicious software is able to cause damage. Further, the Web is now the number one infection method. SMBs are vulnerable to such threats by simply visiting a legitimate Website that could look perfectly harmless.

Q: Why would hackers target SMBs when there’s more to gain by attacking larger companies?

A: The truth is hackers are targeting both now. They aren’t trying to take down a network just to gain notoriety. The paycheck comes by stealing data, and businesses large and small have valuable data. Small businesses have always had an uphill battle when it comes to securing their networks, including typically the lack of IT expertise and dedicated manpower, but the most imminent danger today is a false sense of security. Most SMB’s only have antivirus and a firewall set up. Hackers know and exploit this.

Q: How do you choose the right Web security platform?

A: SMBs need a security product that’s as worry free as possible. Consider how much time it will take to train staff and be sure to understand what kind of maintenance and updates will be required after you have implemented it. Following are some key questions to keep in mind when looking for a Web security product:

Does the product protect against today’s threats, such as malware, spyware, keyloggers, bots and other potentially unwanted software?
Will it integrate with your existing IT systems?
Can it address the latest threats automatically, within minutes (or at least daily), without requiring expertise or IT administrative attention?
Does it provide automatic updates that reflect the latest state of the Internet – with research and analysis performed by outside experts?
Does it do the job effectively, without requiring mass investments in staff and equipment, or will it cost you more in the end to administer?