US COMPUTER SECURITY ADDRESSED BY EXPERTUSATODAY.com - Protecting your business takes more than softwareProtecting your business takes more than software

Q: It seems like the threats to our computers grow ever more complex. I solve the spam problem and am faced with new viruses, or spyware, or who knows what next. What are we to do and where should we be putting our energies? — Geoff, Philadelphia
A: I have been holding onto this question for a while because I was faced with the same issue as the writer — it seemed like any answer I gave today might become moot tomorrow. Yet there is no doubt that for most small businesses, computer security is a growing and changing problem that lacks easy-to-understand and implement solutions.
The facts bear this out. In a recent AMI study, small and medium businesses (SMBs) identified security as a top priority, having recently spent nearly one billion dollars on anti-virus, anti-spam, intrusion detection firewalls and other IT security measures. SMB customers know that it takes more than just basics like virus protection software to keep their business secure, but the questions inevitably become "What else do we need? What will it cost? and How hard will it be to figure out?"

Well, I am happy to report that these issues got easier last week.

Hewlett-Packard recently shared some information with me that they said would make computer life much easier for SMBs. H-Ps "Layer of Security" is an integrated, easy-to-understand system designed to help small businesses quickly get up to speed on computer security needs and find solutions for areas of potential vulnerability.

When I first saw the Layers of Security graphic last week, I was surprised at how easily it explained what sort of computer security my small business needed. You can see it yourself by going to http://www.hp.com/sbso/security/layers.html.

The idea is that as IT threats become more complicated, SMBs should consider developing a comprehensive security strategy instead of relying (as most businesses do) on ad hoc collections of precautions to protect your hardware, data, applications, operating systems and networks.

Essentially, the layers are a simple blueprint for IT security that combines understanding with a portfolio of products and services tailored to address security issues faced by SMBs.

According to H-P, if you own a small business, there are 6 layers of security to be concerned about. They are:

1. Physical Security: Physical security is the most basic level of IT security. Here you use external and internal locks, cables, clamps and brackets to protect equipment from being stolen or prevent access to the internal components of your system.
2. Data Security: You want to be able to restrict access to your system only to those who should have it. If you knock around the H-P Web site, you will see they offer tools to help you do this (which is true at all the layers.)

3. Applications and Operating System Security: This is the area most of us are familiar with, where we use tools such as antivirus and firewall software to block attacks.

4. Network Security: Similarly, at this layer, you need software to protect your network from viruses and other attacks. You might also need intrusion detection and prevention systems, and web and content filtering.

5. Security Management: Here we get a bit more complex. At this level, you examine your security management, assess your overall vulnerability, and manage patches and updates.

6. Security Services: This final layer suggests you get expert help for advanced security threats.

The great thing about the Layers of Security, from what I see, is that it is an easy way to learn about what your small business needs to be secure while comparing it to what you presently have. In the case of my business, for example, I discovered that I need increased data security, and it took me about 45 seconds to figure that out.

And that's the idea. According to Kevin Gilroy, H-P's worldwide senior vice president and general manager for SMBs, "Keeping businesses secure is a key focus of H-P's Smart Office initiative." The idea, he says, is to help "SMB customers take care of security issues so they don't have to worry about potential exposures, and can keep better focused on their business."

One of the best things about being a small business these days is that our growing numbers mean there are more tools being offered to us.

Today's tip: If you want to know more about the security of your IT (and you should) you should also check out H-P's new Security Expertise Center. Here you can find products, services, free online courses, white papers, and plenty of other information that can help you build an effective security plan: http://www.hp.com/sbso/security/index.html.

Ask an Expert appears Mondays. You can e-mail Steve Strauss at: sstrauss@mrallbiz.com. And you can click here to see previous columns. Steven D. Strauss is a lawyer, author and speaker who specializes in small business and entrepreneurship. His latest book is The Small Business Bible. You can sign up for his free newsletter, "Small Business Success Secrets!" at his Web site —www.mrallbiz.com.