Article: A FEW SECURITY TIPS FOR YOUR BUSINESS

by Zachary Price


OVERVIEW

With the inherent stresses that come with running a business, there is often little time to digest the complex intricacies of security software. According to recent studies many business owners eschew the notion that their digital assets may be vulnerable to attack. Although an attack or infection can be potentially catastrophic, many believe damage caused by viruses, hackers and worms only happens to others. They consider their data to be of little use or value outside of their organization. Even executives that acknowledge the existence of these hazards seldom have the time or the budget for security audits and/or an overhaul of their workflow procedures to comply with best security practices.

Below are a few simple tools, tips and guidelines that can help your business take a proactive approach to data security. By implementing the following, your business data will be less susceptible to financial damage caused by accidents and malicious attacks.

REGULARILY UPDATE YOUR SOFTWARE

Although valiant efforts are often made to write safe software, the fact is that no software is ever bugfree. Hackers exploit these bugs for a variety of reasons including fun and money. It is critically important that your software is updated on a regular basis. Most operating systems, firewall and antivirus can and should be configured to receive regular updates.

Update MS Windows visit: windowsupdate.microsoft.com
Update Mac OS visit: http://www.apple.com/support/

INSTall FIREWALLS

Firewalls separate one network from another and are frequently used to separate a companys internal network from the Internet. Firewalls not only mask the identity of the individual computers behind them, they also examine and filter potentially damaging data entering or leaving the network. It is good practice to install both perimeter and clientside firewalls.

Some firewall providers include:
Watchguard: www.watchguard.com
Cisco: www.cicso.com
ZoneLabs: www.zonelabs.com

INSTALL ANTIVIRUS PROTECTION

Hundreds if not thousands new malware programs are released each month. These include viruses, worms, Trojan horses and host of other programs. Symptoms of infection range from the annoying to catastrophic. Because viruses can slip through firewalls posing as a legitimate email or program, installation of clientside antivirus software is important. Install only the latest version of your chose antivirus program and make sure to regularly update and scan your system.

Well established antivirus providers include:
Norton: www.symantec.com/product/index_smallbiz.html
AVG: www.grisoft.com/
Panda Software: www.pandasoftware.com
McAfee: us.mcafee.com/virusInfo/default.asp

PROTECT THE CONTENT OF YOUR SENSITIVE FILES AND EMAIL

Email doesnt have to be a public announcement, yet private messages often turn out to be. Email and files containing sensitive business information such as strategic plans, contracts, financial information, designs and more all too often spread beyond the individuals they were intended for. According to a recent report by the Computer Security Institute loss of proprietary data was the third leading cause of financial damage to organizations last year.

To mitigate this problem consider using rights management software to protect your sensitive business data. Content rights management software not only encrypts files, but also serves to enforce access and limit usage privileges such as forwarding, editing and printing. These protections are persistent and remain with your files no matter where they travel. Any business that frequently exchange medical, financial, legal or design data should make regular use of encryption and content rights management technologies

Some established providers include:
Authentica: www.authentica.com
Essential Security Software: www.essentialsecurity.com
Microsoft IRM: www.microsoft.com/windowsserver2003/technologies/rightsmgmt/default.mspx

ESTABLISH A PERIODIC BACKUP STRATEGY

Periodic backups are required to ensure business continuity in case of an accident such as a harddrive failure or attack. In a networked environment full and incremental data backups can be programmed to take place at regular intervals. Small offices environments should backup their sensitive data external harddrive or cd at least once a week. It is good policy for companies to backup email as well. Backup data should be stored offsite in a secure location. Be sure to test your backup processes to ensure that indeed your data can be restored lieu of an operational failure.

Secure offsite data storage providers:
Iron Mountain: www.ironmountain.com
First Backup: www.firstbackup.com
KastenChase: www.kastenchase.com

USE STRONG PASSWORDS

Passwords are used to authenticate the identity of an individual user. Unless otherwise protected, once a password is broken your sensitive data is exposed. With free software that is readily available on the web, most passwords can be broken in a number of minutes. These programs often use known words and phrases to break passwords frequently beginning with password and admin. For good password security use a combination of uppercase and lowercase letters, numbers and symbols (i.e. eR8>tJd ). Make sure that your employees memorize their passwords and that these are not written down anywhere on premises.

HIRE A SECURITY CONSULTANT

While tips in this article will help your company to be more secure; every business is different and requires its own security strategy. Consider hiring an independent security consultant to asses your individual security situation. They will be able to help you create a comprehensive security policy that will meet your business needs.

EDUCATE YOUR EMPLOYEES

No security plan is effective unless followed by your employees. Measures can be taken to severely limit their privileges such as browsing the internet, reading email, or preventing the reading of files from USB drive or cd. However, draconian security measures can interrupt workflow and damage productivity. A better policy is to limit some user privileges while educating your employees about your companys security policies.

Visit www.essentialsecurity.com






About the Author


Mr. Price, a cofounder and organizing shareholder of Essential Security Software, serves as the companys Product Marketing Manager where he is responsible for global marketing, new product and service development, and strategic partnerships. Zachary has authored many security related articles which have been published in a wide variety of magazines, newsletters and websites


Related Resources

Resources