SmallBusinessSecurityOptions


Listed here are security solutions for small businesses. Note: MEI Security takes no responsibility for your use or lack of use of any of these items. Do your own research. Please feel free to comment on this page, and we will update the listing as we see appropriate.

Category PREVENT DETECT REACT $0 DIY (XS) $100 Bronze (S) $1,000 Silver (M)
Disclaimer X MEI Security takes no responsibility for anything related to your use or lack of use of any items mentioned herein. MEI Security takes no responsibility for anything related to your use or lack of use of any items mentioned herein. MEI Security takes no responsibility for anything related to your use or lack of use of any items mentioned herein.
Hardware Inventory X Paper+pen or spreadsheet, Opmantek OpenAudit Upgrade Opmantek, SIEM
Patching O/S X Vendor sites Vendor
Patching Applications X Avast Software Updater
SUMo
Vendor
Lock Network Access X Change Wireless Password NAC
BYOD X Two APs. Change passwords
or Single AP with true guest mode
NAC+
Network Segmentation X Subnets for clients v Servers v Printers Firewalls to enforce subnets
Password Hygiene X Manual: Simple Seasonal Six
Security Plan X X X https://www.fcc.gov/cyberplanner Engage Consultant
Antivirus X X Comodo
DNS Filtering X X Comodo, Norton ConnectSafe, GreenTeamDNS, ... : Filter Malware OpenDNS, Dyn : Custom Filtering, remove adult content, gambling
Web Filtering X X X Squid Proxy : caching and filtering Bluecoat, Websense
Disk Encryption X Native(Bitlocker,OSX,LUKS), Veracrypt
SPAM Prevention X ISP/Mail client/Junk Settings
FRAMS
User Education X X X "Water cooler" discussions, SANS SecuringTheHuman Learning Lunches Online Training
Policies/Procedures X X X SANS reading room "building security policy"
Security Assessments X SANS reading room "Risk Assessment"
Brand Alerts X Google Alerts by Site (pastebin, stack overflow)
Status Pages X X DIY + free For Pay
External Scanning X Greenbone/OpenVAS, ZAP Qualys, Nessus
SIEM X X X OSSIM AlienVault, QRadar
Internal Scanning X Greenbone/OpenVAS, ZAP Qualys, Nessus
Pen Testing X SANS reading room "Penetration testing" NOTE: non-trivial time, experience, trial/error required to be good at this
Backup/Restore X USB Drive (ENCRYPTED) Multiple USB Drives (ENCRYPTED) Encrypted off-site, live
Asset Recovery X Prey Project Prey Project+
Ransomware X X CyberReason's RansomFree, BitDefender tool

Other Resources for Small and Medium Sized Businesses

Following is a list of resources that may be helpful for businesses interested in reducing their risk.
  • https://www.staysafeonline.org/ncsam/resources/workplace-security-risk-calculator
  • https://www.us-cert.gov/ncas/tips/ST05-007
  • http://www.dhs.gov/sites/default/files/publications/FCC%20Cybersecurity%20Planning%20Guide.pdf