There's no doubt that keeping up with corporate network security is a task that's becoming ever more complicated, thanks to the wide range of sophisticated techniques modern cyber-criminals have to compromise your systems. When even relatively small-scale data breaches can cost millions of dollars, no IT pro can risk neglecting security.
One important thing to keep in mind is that there's no such thing as a "magic bullet" solution to systems security. A multi-layered approach integrating a wide variety of software and hardware solutions will always yield the best results, in terms of minimizing one's risk of security intrusions. However, the good news is that there are plenty of options out there, and many of them are either free or quite reasonably-priced.
So today, Hummingbird Networks wanted to highlight some of the products we feel offer a good balance of price vs performance, and that we sometimes recommend to our own clients looking for affordable security options.
If you're running Windows-based systems, there's no reason not to download Microsoft's own totally free set of security tools while it's still around. It scans your systems looking for attack vectors, identifying them and offering suggestions for fixing them. It's scheduled to be EOLed in 2018, but until then, it's a great easy option for spotting holes in your security.
Don't be fooled by the name, this isn't just another distro. Kali Linux is a proactive platform, incorporating a huge array of system-testing and attacking software intended for you to use on your own systems. It's among the most robust such packages available anywhere, at least not without spending huge sums, but being an open-source Linux distribution it's completely free to use.
It won't directly improve your security, but by utilizing many of the same tools hackers use, it allows you to test your own systems in safety.
Rapid7 offers a great (if pricey) systems vulnerability scanner, but they also have a diverse set of free tools available on their website. Most are aimed at Linux implementations, and include items such as a scanner for connected IoT devices that checks for default passwords and several SQL injection scanning\protection products. Chances are, there'll be something here which will help your own security efforts.
NMap is one of the most popular free network scanners in the world, and Zenmap is its official GUI frontend. Together, they're a great easy-to-use option for users to quickly scan everything connected to their network, with nice relationship-based displays of its findings. While the features in NMap are replicated in many higher-end networking products, it's a good budget-conscious solution for IT pros managing networks without too many built-in bells and whistles.
Sort of like antivirus software, but for compromised websites, AlienVault ReputationMonitor is a great crowdsourced free tool for keeping an eye on the websites your business and employees are connecting to. With tens of thousands of participants contributing to the project, it constantly monitors for potentially-compromised connections. Additionally, it also includes a self-monitor that watches out for your own DNS and SSL certificates and lets you know if there are ever any irregularities.
Another proactive tool, Sandboxie is a "sandbox" environment that allows you to run questionable software or websites while isolating it from anything important on your systems. It's a good way to test questionable files, or simply to isolate certain programs from any data you'd prefer they not touch. While the corporate edition costs a small amount to subscribe to, the personal edition is nagware - so in a pinch, it can be used indefinitely.
We've said it before and we'll say it again: Everyone should be concerned about network security. It truly is a group effort, and every time a business steps up to get serious about their internal security, it ultimately helps make the Internet at large a little safer as well.
In that spirit, what free or cheap products have you found that helped enhance your own security?
In the meantime, if you have any security-related questions or need recommendations for good upgrades to secure your own systems, please don't hesitate to contact Hummingbird Networks for more advice!