Nobody likes to think the worst — that around every corner there is someone snooping into your business affairs. But if your company operates either a wired or wireless network, and has information you would like to keep confidential, then a little paranoia will serve you well.
Basic Steps You Can Take
Here are four basic measures that can help reduce your network security fears.
1. Use a firewall.
A firewall controls access to your network. It can block internet intruders from probing at the data on your private network. And it can control what your employees can access outside of your network.
There are two basic types of firewalls: hardware and software. Both work by examining data passing into your network and discarding it when it fails to meet certain criteria. Hardware firewalls are best suited for networks because they can protect all the computers on your network. They also offer an additional layer of defense because they can effectively make all your network PCs "invisible" to the outside world. Software firewalls, such as the Windows Firewall built into Windows XP Professional, protect only the computer they are running on and provide a good back-up defense to hardware firewalls.
2. Use strong passwords
Most small businesses use passwords to authenticate identity — whether on computers or cash registers or alarm systems. Though there are more sophisticated authentication systems, such as smart cards and fingerprint or iris scans, passwords are most common because they are easy to use. But they are also easily misused. Hackers have automated tools that help them come up with simple passwords in minutes. Crooks may also use fraud to get employees to divulge passwords.
And too often passwords are not effective for these reasons:
- Sensitive documents have not been password-protected, allowing anyone to walk up to an unsecured computer and log on
- Passwords are weak and/or never changed
- Passwords are written down in plain sight next to a computer
Educating your staff about the importance of passwords is the first step in making passwords a valuable network security tool. Employees should regard their password the same way they would an office key. In other words, don't leave it lying around and don't share it. They should also avoid weak and easy-to-guess passwords that include the following:
- Their real name, user name or company name
- A common dictionary word that makes them vulnerable to "dictionary attacks"
- Common passwords, such as "password," "letmein" or "1,2,3,4"
- Commonly known letter substitutions, such as replacing "i" with "!" or "s" with "$"
- A password that someone knows
What does a "strong" password look like? It should have the following characteristics:
- Be at least eight characters long; the longer the better
- Have a combination of lower and upper case letters, numbers and symbols
- Be changed at least every 90 days, and when changed should be significantly different than previous passwords
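The weak-password list and the strong-password characteristics above can be enforced at the moment a password is set. The following Python check is an added example, not part of the original article; the function name, the short word lists, the substitution map and the 0.6 similarity threshold are assumptions chosen for illustration.

```python
import difflib

# Constructed sample lists (assumption); a real deployment loads a full wordlist.
COMMON = {"password", "letmein", "1234", "qwerty"}
DICTIONARY = {"sunshine", "dragon", "monkey", "football", "welcome"}
# Commonly known substitutions, undone before comparing against the lists.
LEET = str.maketrans({"!": "i", "1": "i", "$": "s", "5": "s", "0": "o",
                      "3": "e", "@": "a", "4": "a", "7": "t"})
SIMILARITY_LIMIT = 0.6  # assumed threshold for "significantly different"


def check_password(pw, identity=(), previous=None):
    """Return the list of rules the password breaks; empty means it passes."""
    problems = []
    if len(pw) < 8:
        problems.append("shorter than eight characters")
    has_all_classes = (any(c.islower() for c in pw) and any(c.isupper() for c in pw)
                       and any(c.isdigit() for c in pw)
                       and any(not c.isalnum() for c in pw))
    if not has_all_classes:
        problems.append("missing lower case, upper case, number or symbol")

    # Check both the raw lowercase form and the form with substitutions undone.
    forms = (pw.lower(), pw.lower().translate(LEET))
    # A listed word counts when it makes up more than half of the password.
    if any(w in f and len(w) * 2 > len(f) for f in forms for w in COMMON | DICTIONARY):
        problems.append("based on a common or dictionary word")
    names = [n.lower() for n in identity if len(n) >= 3]
    if any(n in f for f in forms for n in names):
        problems.append("contains the user's real name, user name or company name")
    # The old password is available in clear only at change time, when the user types it.
    if previous is not None:
        ratio = difflib.SequenceMatcher(None, pw.lower(), previous.lower()).ratio()
        if ratio >= SIMILARITY_LIMIT:
            problems.append("too similar to the previous password")
    return problems


if __name__ == "__main__":
    # Constructed candidates; "Jones" and "Acme" stand in for a user and company name.
    for candidate in ("P@$$w0rd!", "Tr!ckyJ0nes#9", "vG7#qLm2-xRt"):
        print(candidate, check_password(candidate, identity=("Jones", "Acme")))
```

The first two candidates meet the length and character-mix rules yet are still rejected, because undoing the substitutions exposes a common password and a user name.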
3. Use wireless security features.
Wireless networks use a radio link instead of cables to connect computers. As a result, anyone within radio range can theoretically listen in or transmit data on the network. Freely available tools allow intruders to "sniff" for insecure networks. While vulnerability increases with a wireless network, computer-savvy crooks have tools to help them break into all types of computer systems.
There are security features built into Wi-Fi products, but manufacturers often turn them off by default because it makes the network easier to set up. If you use wireless networking, make sure you turn them on and use the configurable encryption and access control features that will make your network more secure.
Also consider:
- Restricting wireless access, if your access point allows it, to office hours or whenever you expect to use the network
- Filtering out casual intruders by setting access points to restrict network access to trusted Media Access Control (MAC) addresses only
- Upgrading to a more robust Wi-Fi Protected Access (WPA) encryption if your equipment is older
4. Close unnecessary network ports.
Network ports enable communication between client computers and servers. To strengthen your network's security and thwart unauthorized access, you should close unused or unnecessary network ports by using dedicated firewalls, host-based firewalls or Internet Protocol Security filters. But a word of caution: Microsoft server products use a variety of numbered network ports and protocols to communicate with the client and server systems. Blocking ports used by the Windows Server System may prevent a server from responding to legitimate client requests, which could mean the server won't function properly if at all.