Thou shalt . . .
Install and update anti-virus software. Bugs are still the biggest general threat to individual PCs and servers. They can crash systems or make them behave erratically. Crucially, they can wipe or corrupt your data. Even worse, you may not find out about the specific damage until it impacts on the business in some way.
Server level is not enough. The threat can equally come from CDs and diskettes, USB keys or, indeed, anything used to store data – even music CDs and DVDs, particularly those that have been copied.
But remember that anti-virus systems are essentially only as good as the latest update. So always update, on all machines, and if there is an automatic updating option, seize it immediately.
Thou shalt . . .
Install firewalls on every server. This is the first line of Internet defence. Without a firewall, any business network is like a warehouse without an alarm or a guard. Sooner or later, someone will try to break in and will probably succeed. The firewall prevents unauthorised entry of anything suspicious, let alone anything actively hazardous. It works with anti-virus and Intrusion Prevention software to check every data packet in the traffic and reject or suspend anything dubious. A firewall appliance is a smart and inexpensive plug-and-play option.
Thou shalt . . .
Install and update anti-spyware. This is a fast-growing new threat that could report back your web viewing record – possibly harmless – or all e-mail addresses including your customer list. Really clever spyware logs and reports every keystroke. Because spyware activity is often indistinguishable from legitimate traffic on the network, it requires specialised software, mostly from the established antivirus vendors, and regular updating.
Spyware usually nestles itself into client machines and can be triggered by anything (re-boot, date entry, specific application, etc.) so it poses particular difficulties for network systems. It often surfaces inside the firewall because the user and device have already been accepted as trusted entities or because a user has unknowingly consented to the download and the system knows no better.
Thou shalt . . .
Update and install security patches to close off vulnerabilities in Windows operating systems and all related software such as MS Internet Explorer, Exchange, Outlook and Office. If you have neglected to install the major Service Packs to your version of Windows, that is also potentially dangerous. The worldwide dominance of Microsoft software means that its products are always the first to be targeted by malware. Other software vendors also issue such patches in response to specific widespread new threats.
Thou shalt . . .
Treat all attachments as potential plague carriers. The e-mail attachment is one of the most useful tools the Internet has brought, but it carries huge risks because the files can have hidden content that bypasses or deceives normal security systems. A compressed or Zipped file, for example, may be opaque to security software inspection. When un-Zipped, damage can be done undetected, or before anti-virus software kicks in.
Most small firms can happily limit the file formats that the system will accept based on their normal business activity. Executables (.exe, .com, .vbs, .scr) should always be barred, while music and video files will not often be required for business purposes.
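A sketch of the attachment rule above, added here as an illustration and not taken from any particular mail product: it bars the four extensions listed and looks inside Zip files rather than treating them as opaque. The nesting and size limits, the function names and the sample files are assumptions made for the example.

```python
import io
import zipfile
from pathlib import PurePosixPath

BARRED = {".exe", ".com", ".vbs", ".scr"}   # the list given in the article
MAX_DEPTH = 2                  # assumption: archives-within-archives we will open
MAX_MEMBER_BYTES = 10 * 2**20  # assumption: per-file size cap before unpacking


def barred_name(name: str) -> bool:
    """True if the last extension is barred; catches 'invoice.pdf.exe'."""
    clean = name.replace("\\", "/").rstrip(". ")  # Windows ignores trailing dots/spaces
    return PurePosixPath(clean).suffix.lower() in BARRED


def check_attachment(name: str, data: bytes, depth: int = 0) -> tuple[bool, str]:
    """Return (accept, reason), looking inside Zip files instead of trusting them."""
    if barred_name(name):
        return False, f"barred extension: {name}"
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return True, "ok"
    if depth >= MAX_DEPTH:
        return False, f"archive nested too deeply: {name}"
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            for info in zf.infolist():
                if info.flag_bits & 0x1:  # encrypted member cannot be inspected
                    return False, f"encrypted member: {info.filename}"
                if info.file_size > MAX_MEMBER_BYTES:
                    return False, f"oversized member: {info.filename}"
                ok, reason = check_attachment(info.filename, zf.read(info), depth + 1)
                if not ok:
                    return False, reason
    except (zipfile.BadZipFile, NotImplementedError):
        return False, f"unreadable archive: {name}"
    return True, "ok"


def make_zip(members: dict[str, bytes]) -> bytes:
    """Build a Zip in memory (constructed sample input for the demo)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for member, body in members.items():
            zf.writestr(member, body)
    return buf.getvalue()


if __name__ == "__main__":
    inner = make_zip({"setup.EXE": b"constructed placeholder bytes"})
    for fname, blob in [("notes.zip", make_zip({"notes.txt": b"hello"})),
                        ("outer.zip", make_zip({"inner.zip": inner}))]:
        print(fname, check_attachment(fname, blob))
```

Rejecting encrypted or over-nested archives means some legitimate mail will be held back; the point is that anything the filter cannot inspect is not waved through.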
Thou shalt . . .
Insist on strong passwords. Names, surnames and nicknames are ridiculously easy for hackers and malcontents to break. Names of counties and football teams, dates of birth, and so on are only marginally more secure. A password that is the same as a username is just daft. The experts would propose the use of randomly generated alphanumeric code at least eight characters long, but 99% of normal human beings would immediately write it down, probably in a couple of places.
There are lots of tips and techniques to make passwords both memorable and secure, e.g. take a line of a song and a letter per word. So ‘Like a Bridge over Troubled Water’ becomes labotw, or eaerdr if you use the last letter.
The key business rule is to insist on the use of less obvious password formation, and that all passwords be changed at least twice a year. Cancelling passwords when someone leaves a company is essential. Best of all is to have the rules automatically enforced at network level: out of date password, access denied, talk to the boss.
Thou shalt . . .
Draw up a General User Policies code in writing for Internet access and for all computer systems use. For example:
Establish a clear Acceptable Use policy for all Web browsing and consider limiting by site category (no gaming, pornography, etc.), duration, or other criteria. Personal use limitations should be clear.
Notify staff and log all web activity by username.
Regularly inform all users about policies such as ‘no downloads’.
Do not allow the downloading or installation of unapproved software of any kind, especially games and other entertainment items.
Establish a rule that all removable media will be scanned prior to use.
Pay particular attention to remote access users uploading files to the network.
Establish clearly what the sanctions are for policy breaches or abuse, e.g. Porn = dismissal.
Thou shalt . . .
Limit who has access to what. There is no need for everyone to have access to everything. Passwords or other authentication should be set for all systems settings and configurations, applications or databases such as accounts, electronic banking, customer lists, Web site changes or e-business transactions, personnel files.
There are several crucial reasons for security measures in even the smallest business:
Embezzlement is much more common than clever hacking
Disgruntled employees (and ex-staff, especially those sacked) can do untold damage, probably with no visible trace or proof, after the event
Everyone wants to know how much the boss is earning
Thou shalt . . .
Remember that laptops are computers, too. All the rules and procedures for desktop machines on the LAN should be replicated on every portable machine. That applies especially to the direct security processes such as anti-virus and related installation and updating, firewalls, as well as rules for web access and personal use. Children using Daddy’s or Mummy’s work laptop on the Web at home are a serious ‘back door’ unless the machine is properly protected.
Thou shalt . . .
Back up, back up again and then check that you can restore your data. That means all your data, because email on both server and desktop can contain much important information, correspondence and contact details.
What is on the reps’ laptops is company information too, and often at least as valuable as the centrally held data. So ensure that they are backed up regularly also, preferably to the main LAN system.
Your backup data on whatever portable medium (tape, CD or DVD, disk drive) is of no value whatsoever if it goes up in flames with the rest of the office. Always keep at least one copy well off-site, please . . . and not in the boot of the boss’s car!




