Simple and affordable steps can improve SMB security postures
Many small and midsize businesses (SMBs) don't believe that a hacker would target their enterprise. Although it's true that many attacks are planned to vandalize highly visible Web sites, any enterprise that has inadequate security should be concerned. The recent emergence of the SQL Slammer worm demonstrates the challenges SMBs face from a mass attack that hits any vulnerable IP address. In attacks such as Nimda, Code Red, and Slammer, hackers are going after systems at random, so being an SMB doesn't make you any less attractive as a target.

Also making SMBs prime targets are the following factors: 90 percent of SMBs are running Windows on their servers, 80 percent are using Outlook and Exchange for e-mail, and 70 percent are using SQL databases. Microsoft software is a major target for hackers because it has large numbers of vulnerabilities, and its market share gives hackers the ability to have a massive impact. Security breaches at smaller businesses don't grab headlines the way attacks on Fortune 500 companies do, but this doesn't mean they're any less devastating.

Through 2005, 40 percent of SMBs that manage their own network security and use the Internet for more than e-mail will experience a successful Internet attack, and more than half of them won't know they were attacked (0.8 probability).…



http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2914399,00.html