This is the dilemma faced by today's small businesses rushing to reap the benefits of the Internet and e-commerce. But those benefits come side by side with real security threats, and ignoring those security threats is a mistake. What you don't see can hurt you.
Finding security resources to alert -- not overwhelm -- you
You're reading a column written by a guy who receives so much security-related email that 200 messages is a slow day. But I've figured out a system to identify the critical items right away and then I leave the rest for review when time permits. Over time I've culled the influx down to a core group of resources for quick review with follow-ups to other links as needed.
With a few easy steps and some care, you too can get the information you need, in a form you appreciate, and at a time that's convenient. Try the following:
Hot pick security information sites
There are lots of sites touting the latest security news and alerts. The current trend is to list all security-related news, regardless of the source, which results in many essentially duplicate sites. Unfortunately this field is too immature to exclusively cover small business security news. Check out the following sites for a head start toward your list of hot picks. Again, watch out for "candyland": too many goodies and not enough time to digest them!
ZDNet's Security Resource Center: A security mega-site with newsletters and whitepapers.
eSecurityOnline: A security mega-site with newsletter, news by category, and an online vulnerability subscription service that can be tailored to your technology environment.
SecurityPortal: Offers a virus research center and weekly newsletter.
Security Focus: Includes a security basics mailing list to help you become more informed and up-to-date. Includes news, how-to's, virus alerts, and incident notification.
Bigtarget: A security meta-search engine that can make your day by finding the specific security alert resources you need.
Careful for the spin, regardless what site you're in
The five sites I've listed are your best bet for small business security information. Their format is reasonably straightforward and most of the information is in plain English. Notice that I've refrained from vendor sites, even though they may offer similar information or services. Information bias -- call it disinformation, misinformation, or spin -- is alive and well in the security market. Even news sites can have preferences, dependent on a variety of relationship factors.
By checking out multiple security information resources, you'll find the ones that match your preferences and needs. Good hunting!
Dr. Goslar is principal analyst and founder of E-PHD, LLC -- a security industry research and analysis firm. He is also on the editorial board of the International Journal of Electronic Commerce and can be reached at Comments@E-PHD.COM.