From rootkits to Trojans and firewalls to file shredders, our jargon buster will help you to better understand the cyberthreats faced by small businesses, and the security options available to tackle them.
As the threat to business from cyberattacks continues to make global news, it is becoming increasingly important to ensure that your company has adequate antivirus for small business. While small business owners (SMBs) may feel that their businesses are too small or insignificant to be attacked, the truth is that this complacency is one of the reasons why they are increasingly being targeted. In the UK alone, a report from August 2017 revealed that one in six small businesses suffered a breach in the previous 12 months, with 21% saying the attack cost the company more than £10,000.
With this warning, it is vital for SMBs to protect themselves and their clients. But with so many types of threats and just as many tools and solutions, it can be confusing and difficult to determine which features you need and what they protect against. Our tech jargon-buster will help to define terms and allow SMBs to build a better understanding of what they need and why.
What antivirus protection features really mean
It is important to remember that different products offer different combinations of features, so knowing the requirements of your business is vital in choosing the right solution for your needs. To help, this glossary will define some of the most common tools and features and explain how they help to protect your devices and wider network.
Email is a popular medium for the spread of malware, spam and phishing attacks. Attackers use deceptive messages to entice recipients to divulge sensitive information, open attachments or click on hyperlinks that install malware on the victim’s device.
As an addition to standard antivirus, email protection scans your emails in real time to protect against malicious content. Scans include spam filters and attachment checks (including malware and virus checking and removal).
To ensure security when transferring data, this process encrypts data at the origin and decrypts it at the destination. This means that any bad actors attempting to intercept the data cannot easily decipher the message within.
File server security
A network antivirus scanner designed to keep your Windows file server protected and private so that business files and customer data remain secure.
Your file server, a central computer/server linked to the network where you store your shared data, is a key vulnerability: it’s packed full of potentially sensitive data that might not be stored anywhere else, and everyone may have access. As such, it’s essential to protect it with Windows file server protection, which can include antivirus software as well as approved operator groups and/or internal logins and firewalls. This may include permission management (who can and can’t upload, remove or copy files), exported file back-up and ransomware prevention.
A file shredder is a tool for permanently erasing files to ensure that they cannot be restored at a later date. This is done by repeatedly overwriting the file with meaningless data and is ideal when selling old devices.
The first line of defence for a system or private network when connecting to the internet. A firewall is software or hardware designed to prevent unauthorised users or suspicious software from accessing a network. It acts as a barrier, only letting through data that it deems safe.
Software firewalls are often installed on individual devices. Hardware firewalls are usually positioned between a router and the internet connection to protect an entire network.
Working as a supplement to your current antivirus, identity protection looks at the actions of applications to identify suspicious behaviours and patterns and protect you from spyware and adware that could track personal and sensitive data.
A link scanner verifies the safety of a website before you click the link, so that you know your data won’t be stolen or your network compromised.
Mobile Device Management (MDM)
This is a tool for integrating mobile and Internet of Things (IoT) devices into the workplace network. Remote administrator privileges mean that you or a nominated person within your business will be able to ensure devices are updated and can be located or wiped if they are lost or stolen.
By allowing your administrator to remotely install and update AVG protection across your entire network from a single location, Remote Management means that they can be sure that every device on your network is fully protected and updated.
What cyberthreats really mean
As new cybersecurity threats continue to emerge, knowledge of the types of threats is key to keeping data as secure as possible. This requires an understanding of the potential impact of threats, how they work and what could happen without adequate protection.
By adding itself to a system, adware will display unwanted pop-ups, banners and browser redirects. While it is not always aggressive, adware can significantly slow down systems and can be difficult to remove.
By infecting the Master Boot Record (the part of a hard disk that loads the operating system), this malware can execute before the operating system begins to boot. Because they are located and operated outside the file system, bootkits can be difficult to detect and may require a dedicated bootkit removal tool.
A virus that is delivered via an email attachment. Often the virus is activated when the attachment is opened. A famous example is the ILOVEYOU virus from 2000, which sent additional emails out to the victim’s top 50 address book contacts to help it spread. When in place, the virus downloaded a password-stealing application from the internet, scanned the device for sensitive data and sent it to the perpetrators.
A form of Trojan, keyloggers record the keystrokes (buttons pressed on a keyboard) made by a user. The result is a document that can be supplied to third parties containing passwords, emails and any other text that has been entered.
A portmanteau of malicious software, malware is an umbrella term for programs containing malicious code and is usually designed to break into a computer system and cause harm. Forms of malware can include worms, trojans and viruses.
Viruses that do not operate out of a computer’s memory are non-resident and often found in executable files (files that launch programs).
Resident is the name given to any type of virus that is stored in the memory of a computer to monitor the operations of the system. The name comes from how the virus attacks: by staying in your computer’s memory and launching alongside other programs, such as word processors and web browsers.
Malicious software is used to encrypt a victim’s data or lock them out of their devices. The perpetrators will then demand a fee in exchange for unlocking the files or software. In some cases, there will be a time limit attached for the ransom and failure to comply could result in the destruction of the data. It is worth noting that paying the ransom is no guarantee that you will regain access to your files. In fact, many security companies recommend against it as it only fuels this type of cybercrime.
Remote Access Tool
Remote Access Tools (RATs) were designed to allow administrators remote access to devices. When used maliciously, RATs can allow bad actors to take control of a device without the user becoming aware. Once the program is in place, the device can be controlled remotely, files can be launched and settings changed.
Rootkits are a type of generic malware designed to gain access to the ‘root’ of a computer’s file directory. They are usually deployed via an email or download (without the user knowing) and are embedded so deep in an operating system that they have full access to the system and can hide.
Spyware
Often installed without the user’s knowledge, spyware records the activities and personal information of the user, which can then be provided to third parties. Legal examples of spyware are often called tracking software and include software for companies to monitor staff or for parents to keep track of their children’s online activity. Malicious spyware can be hard to identify, with one of the first clues being a significant reduction in speed from the network or device.
Named after the famous Greek tale, a Trojan horse appears to be a legitimate program, ensuring its installation. However, once it is in place, the program performs a variety of malicious actions. This method of accessing a system is often used by worms.
A virus is computer code that has the ability to replicate itself, meaning that it is easily spread and hard to destroy – much like a medical virus, it ‘infects’ a device or system. There are many types of virus, which can be delivered in different ways, such as those explained below.
Unlike a standard virus, worms do not require a host as they are standalone programs. Once they are in a system, worms can operate unaided and often use a number of methods to copy themselves across computers and networks.
Threats continue to evolve and so do the solutions to thwart them. As a result, this is not a comprehensive guide, but it should offer insight for SMB owners and IT specialists to help them better navigate cybersecurity. For more information, check out AVG’s business products.
September 19, 2018 by AVG Business