Information Security

How Your Business Can Scan Regularly for IT Threats

Much of modern IT security depends on using the right tools to help protect your network. With the right technology, you can scan servers, websites, email and much more to find potential IT threats and neutralize them. Here is more information about building the right scanning strategy and some information about tools you can utilize in your business.

Use a Vulnerability Scanner for Business IT Security

Your business should either be using a security scanner or working with a managed IT provider that can perform routine scans for you.

One of the main scanning tools you need to use is a vulnerability scanner. This tool scans your network, including computers, servers and routers, and looks in a variety of areas to find security flaws. Your scanner will look at open ports on your network, log-ins and IP addresses, and determine if they’re vulnerable against known exploits and security flaws.

Sometimes the vulnerability scanner will have an internal database to check against, while other scanners will look at a database from third-parties like the SANS Institute, OVAL or CVE.

Your vulnerability scanner should also examine flaws in your operating system and software you have running on your system, such as SQL injections and other very dangerous vulnerabilities.

One of the benefits of using the right scanner is the ability to see if dangerous malware like a Trojan horse is listening in on an open port on your network. That means if your anti-virus scanner fails to detect a Trojan running on your system, a vulnerability scanner might be able to catch the Trojan running in real-time.

Compliance is also an issue. Proper security scanning should be a regular part of doing business for companies that need to comply with regulations like:

  • DSS
  • PCI
  • GLBA

Build a Cost-Effective Scanning Strategy

  • Some vulnerability scanners can cost tens of thousands of dollars, such as Core Impact. While these may suit larger corporations, they fall outside the budget of most small- and medium-sized businesses.
  • The good news is that you can obtain virtually all the benefits of these more expensive tools with the right scanning strategy and a variety of free or low-cost tools. However, it may take a little more work and expertise on your end.
  • Dobson Technologies is here to not only implement scanning tools, but also routinely perform scans, analysis and security fixes for small business IT support that we partner with.

Build a Map of Your Network

  • Certain tools like Zenmap lets you see all the computers connected to your network and what their role is. Zenmap not only helps you understand if any unauthorized computers are connected, but also comes with various security auditing features, such as the ability to pinpoint computers that are in need of updating.

Scan Your Email the Right Way

  • Email is one of the primary ways small businesses are targeted for hacks. Phishing attacks are designed to trick your employees into downloading viruses and malware when they believe they’re interacting with a trusted source.
  • However, the right email anti-virus and anti-malware scanner can do a lot to protect you, since they can:
    • Scan attachments for viruses and malware before they’re downloaded
    • If your employee clicks on a dangerous link to an infected website, the scanner should prevent them from visiting the website
    • The anti-virus features constant updates for new viruses and malware
  • There are also tools you can use to scan your enterprise email for sensitive information that really shouldn’t be stored in your email inbox in the first place, such as This service scans for credit card numbers, Social Security information and personal identifying information like passwords.
  • Once the scan is complete, you can easily delete emails that are tagged as security threats. This kind of scanning software helps you reduce the threat of further damage if your email account is compromised.

Look for Rogue Access Points

  • If one of your employees connects a wireless access point somewhere in your network without prior authorization, this is known as a rogue access point. Some hackers may also try this strategy as well.
  • The risk is that this rogue access point can actually allow anyone to gain access to your network, including people who aren’t physically connected to your office Wi-Fi.
  • Use a Wi-Fi scanner to detect these rogue access points. Acrylic WiFi is free for personal use but costs money for commercial businesses. It will help you build reports and keep a clear inventory of Wi-Fi devices on your network.

Scan and Crack Your Own Passwords

  • Sometimes it pays to think like a hacker. That’s why it makes sense to use a tool like Cain and Abel, which helps you try to crack your own passwords and show other security weaknesses.
  • This tool scans your entire network, uses brute-force attacks to crack encrypted passwords, reveals wireless network keys, uncovers your cached passwords and performs a variety of security audits to ensure your passwords are strong.
  • Although many of the exploits this scanner reveals can be easily fixed, you need to run the right scanning tools to realize there is a problem to begin with.
  • Remember, these are just a few examples of scanners and tools to use on your network. Dobson Technologies employs a wide range of scanning and network vulnerability analysis tools to ensure your network is running safely and securely at all times. If you need managed IT support in Oklahoma City, schedule a meeting with Dobson to discuss your technology and security needs.