Corporate security is serious business, but as an SMB how do you know if you’re unconsciously leaving the back door open to cyber criminals?

If you’re not sure, it can be a daunting task constantly monitoring for new and emerging threats that come through a variety of channels. That’s why AVG Technologies wants to share the top 5 backdoor entrances you should know.

Door #1 – Social Networks and Community Bad Spirits

Most social networking activity is concerned with community spirit and sharing of a wide range of data including documents, music, video and links.

The biggest problem here is TRUST. People trust people that they know, or that they think they know. This means that users are more likely to click an infected link if it comes from a trusted colleague or friend.

Beef up your security policy, only 23 percent of companies have any security policies in place that specifically address social media. Offer staff some guidelines to keep them and your company network safe.

Door #2 – Instant Messaging and Spam Chat

Viruses and other malware can be hidden in files sent via Instant Messaging (IM). Introduce policies that educate and control the use of IM. One important step is to ensure that user’s emails cannot be easily identified by their IM username and some IM services link your screen name to your email address when you register. Having your email address so readily available is bound to increase spam and phishing attacks.

Door #3 – Insider Threats: Right Under Your Nose

While companies might rightly be concerned about outsiders breaking into your company network, employees pose a similar or even greater threat.

Staff are in fact responsible for introducing the majority of malware onto company networks. You may want to consider running additional background checks on IT staff in responsible positions before hiring them. The best advice is relatively basic – trust your gut feel, educate staff on keeping their data and network safe and enforce a robust internal security policy combined with a security audit.

Door #4 – Don’t Lose Remote Control

While preventing staff from leaking malware into a business has its challenges, staff that are allowed to access the company network remotely are even harder to control. Allowing staff to use their own machines for work increases the risk that malware may get inside the company network. An obvious way to close this security hole is to prevent staff from using their own machines.

There are other ways around this such as using virtualisation technology to create a virtual safe-zone within your hardware – like an embassy in a foreign country. However, it is arguably simpler and more effective to establish a strong set of security controls that ensure all staff only use company hardware with anti-virus controls and subject to updates and audit procedures.

Door #5 – USB Sticks

USB sticks are particularly good at spreading malware. They appear innocuous compared to a laptop or smartphone but can hold several gigabytes of code – some of which may be malicious. Allowing employees an unchecked option to insert these into company computers is an unnecessary risk.

Removable devices can be automatically checked using anti virus software or users can choose to run a manual scan before accessing any of the files on the stick. Business owners should also create policies to keep personal and business drives separate on any machine.

Email-equipped smart phones poise similar risks to company networks as desktop computers. Smartphones can help spread malware onto other susceptible devices on the network and hackers have been known to use text messages to guide unsuspecting users onto websites containing infected code.