Frustratingly many businesses never fully appreciate the consequences of inadequate security measures until its too late…after the event. Even more frustratingly the steps that businesses can take to secure their IT infrastructure are relatively cheap and frequently involve nothing more than good old common sense.
Virus Protection
Virus protection is an essential component of any business’s IT systems, but organisations need to make sure that their virus protection is up to date and be alert to any update notifications from their supplier. Often the newer viruses are the most dangerous and the most virulent, so your protection can only shield you if it’s up to date.
Spam Filtering
Much of the malicious damage caused to IT systems comes from spam and the easiest way to avoid opening a spam email is to adequately filter spam from your inbox
Data Backup
Many companies religiously back up their data but then fail to appreciate the consequences of storing the back up on site. If a fire were to destroy the business premises or a thief break in then that valuable back up can be stolen or destroyed along with the original data.
Data is only fully protected if it is backed up off site by, for example a routine online backup system. Companies should also carry out due diligence on where their data is being transmitted to…protection can be assured if the data is held at least within the EU but preferably within the UK.
Data Encryption
If businesses are using mobile devices such as laptops then it’s highly likely that business data, personal and client data is being transported out of the office environment on a regular basis.
If the mobile device were to get into the hands of a hacker then this information can be mined within minutes along with passwords, usernames, ID’s and email contact details.
Encryption of laptops is the only sure way to prevent this from happening and will thwart even the smartest of thief’s attempts to gain access to this valuable information.
Equipment Disposal
IT equipment is fast becoming a relatively low priced commodity and with frequent hardware innovations many companies find themselves disposing of IT equipment to replace it with newer and more efficient systems.
Most IT equipment can be and should be recycled, but businesses should beware of organisations that offer to take and recycle their hardware for free – what is their incentive for doing this if they aren’t making any money? Potentially the opportunity to mine data from the hard drives of the outdated equipment.
Reputable IT disposal businesses should offer certification to verify that they have deleted the data to a recognised standard and this is then your reassurance that no the data cannot be mined.
Social Networking Policies
Social Networking, like it or not, is here and here to stay; that extends to business as well as personal use…and sometimes, inevitably the two cross over! It’s essential for businesses to implement a social networking policy to protect the company from any social networking activity which may be detrimental to the business that is conducted on your business premises.
Aside from the security issues social network sites such as facebook and twitter are incredibly addictive and time wasting so you may suffer in terms of losing the focus of staff time on business activities.
Using Cards Online
It has been reported that 85% of the world’s population shop online, which means that credit and debit card details are continually being exposed to potential identity thieves. Most online shopping carts also offer you the option of saving your card details online to save you time next time you shop.
To ensure that you keep a track of activity on your card it’s advisable to use just one card for any online purchases and preferably a credit card which has some kind of fraud protection support from the card provider.
Keep a regular check on your transactions so that any fraudulent activity can be identified as soon as possible and remember; never give your PIN details to anyone.
Passwords
It goes without saying that you should never share your passwords with anyone. Further password protection can be afforded by using a combination of numerical digits, upper case and lower case letters which are personal to you and difficult to guess.
Tempting as it is to use the same password for all sites for ease of memory; you will increase your levels of protection if you use different passwords for different sites and change them regularly.
Shared Usage
Shared usage of laptops demands a common sense approach. Users should each have a personal login so that they’re unable to access files which may be confidential to another user within the business. Users should also password protect files wherever possible and attention to laptop security in general is essential.
Don’t ever be tempted to leave your laptop in the car or out on show when you are away from the office or home. Similarly memory sticks and any type of external memory storage drive should be password protected and kept safe and out of sight from potential thieves.
Scattered storage
Finally, most businesses have a scattergun approach to the storage of data within the company; electronic data is stored on discs, laptops, memory sticks and paper data is stored in filing cabinets, drawers and even briefcases.
When data scattered in this way is lost for example in a fire, reconstructing all that essential historical data belonging to clients, suppliers and employees can be a difficult if not impossible task and could in fact lead to a complete business meltdown.
The sensible approach is to work with a central server which is backed up offsite regularly on which all data is stored. Paper documents should also be stored in electronic format on the central server, even if this means scanning in paperwork regularly.
This should become a straightforward business procedure which is as essential as switching the desktop computer on each day. It could quite simply mean the difference between disaster recovery and business failure.