<i>Business mentor:</i> Building walls against worms

Q. What can I do to protect my small business from the Sasser.B worm?

A. Richard Batchelar, country manager, Symantec New Zealand, replies:

Even the smallest businesses are not immune to internet threats. Just a single security breach could bring your business operations to a halt, decreasing productivity and potentially compromising data integrity, customer confidence, and revenue flow.

And today's threats can come from anywhere wired or wireless networks, internally or externally.

This week, the Sasser worm, which has a number of variants, has been having an impact on systems worldwide.

A worm is a program that makes copies of itself and propagates itself using email or some other transport mechanism.

Sasser is similar to an earlier worm, Blaster, in that users do not need to receive an email message or open a file to be infected.

The Sasser.B worm spreads by scanning randomly chosen IP addresses for vulnerable systems. This means that any computer on the internet could be targeted without the user knowing.

If your network has already been infected you can download a fix from Symantec.

To prevent your business from becoming infected by the Sasser worm, Symantec encourages all users and administrators to adhere to the following basic security "best practices":

* Stay up to date on patching. Be vigilant about checking for software updates to take advantage of security fixes and patches for holes that might leave you vulnerable to attack.

* Protect your network. Install internet security technology including antivirus and firewall protection.

* Block suspicious attachments. Configure your email server to block or remove email that contains file attachments commonly used to spread viruses, such as .vbs, .bat, .exe, .pif and .scr files.

* Turn off and remove unneeded services. By default, many operating systems install auxiliary services that are not critical and are avenues of attack. If they are removed, internet threats have fewer avenues of attack and you have fewer services to maintain through patch updates.

* Isolate the threat. Isolate infected computers quickly to prevent further compromising your organization. If an internet threat exploits one or more network services, disable or block access to those services until a patch is applied.

* Carry out security awareness training. Educate employees so they know their role in maintaining the security of your business. Train them not to open attachments unless they are expecting them. Do not execute software downloaded from the internet unless it has been scanned for viruses.

* Create a security policy. Outline your information assets, and all access rights to that information. Remote access rules should be outlined here also.

Today's threats are becoming more prevalent and more advanced in their methods of spreading and the damage they cause.

You should implement security measures on all vulnerable points on your system and establish a comprehensive line of defence which includes antivirus, firewall and intrusion detection.

* Email us your small business question

Answers are courtesy of Spring - A State of Mind for Business.