Supplement with free security tools
Once you've exhausted all the resources you have on hand, it's time to explore outside options. Some of the best security tools available are free and can go toe-to-toe with features offered in big-brand security suites. Here are a few to get you started.
Microsoft Security Essentials: Windows 8 includes Windows Defender, but prior versions of the operating system didn't come with antimalware protection. If you need to protect computers running Windows XP or Windows 7, you can download Microsoft Security Essentials to get comprehensive real-time protection gratis.
Cain and Abel: Using network-packet sniffing, dictionary attacks, and a variety of other methods, Cain and Abel captures and cracks passwords. Its primary function is password recovery, but you can also use this handy utility to reveal vulnerabilities and determine whether your password policy requirements are strong enough.
Aircrack and Kismet: Want to know how secure your wireless network really is? Try Aircrack or Kismet. Aircrack captures wireless network traffic and attempts to crack your WEP or WPA encryption. Kismet is a wireless-network detector, sniffer, and intrusion detection system. Both tools are free, and both are highly rated by those who use them.
Nikto: If your business has a Web server, you might want to put Nikto to use. An open-source Web-server scanner, Nikto can help you identify weaknesses that may expose your server to exploits. It scans for outdated servers, specific vulnerabilities, and known configuration errors to help you protect your server from attack.
For a complete list of the best security utilities, visit SecTools.org, which maintains a regularly updated list of the top 125 as rated by the user community. The list includes both open-source and commercial software, but you'll see that many of the most respected tools don't cost a thing.
If you can spare a dime...
If implementing these free options has whetted your appetite, consider investing in some paid software to bolster your complimentary security measures. We recommend the following three open-source tools. All are still available as free versions, but subscriptions are required to unlock their full power.
Nessus is a vulnerability scanner that examines and monitors your network and PCs for more than 50,000 vulnerabilities and potential configuration errors that may expose your systems to compromise. It also includes specific scans to help ensure compliance with regulatory and industry frameworks such as HIPAA (Health Insurance Portability and Accountability Act) or PCI-DSS (Payment Card Industry Data Security Standard).
Metasploit is a penetration-testing platform that lets you test exploits against your network, your computer-security defenses, and your applications to determine what impact they might have and to identify weaknesses you should address.