Good IT Security Practices
Good IT Security Practices. – an introduction!
This is translated to: how secure is your data. Questions to ask your self are – How important is your data to you, and – how important is your data to your competitor.
How should we secure our business against data loss (or corruption), as ultimately that is what we are protecting and not the machines as they can be replaced!.
There are many ways you can loss your data, - office flood, theft, virus, hackers/ maliciousness, by mistake!
There are steps you can take to protect your self.
Firstly hardware – install a firewall, it is a definite must if you have a permanent connection to the Internet. This will prevent uninvited people from “wandering in”.
Review your server and the permissions you have set up on your system. Who has access to what files in which areas, and what permissions do they have. Ideally client users should not have permission to install or remove any programmes. Only the “Administrator” should have these rights – the theory is that they know what they are doing and the correct procedures and which files are important to the upkeep of the system. Creating new folders in certain areas of the systems and deleting word documents should be enough.
Its not bad to be weary of the disgruntled employee!
Windows Small Business Server 2003 has administrator friendly options and guides to help you delegate the appropriate permissions and set up groups.
Software Firewalls. As hardware walls keep people out, software firewalls other uses is to stop “things” escaping. There are virus’ and Trojan horse that infect files any send them out. Good software firewalls keep everything locked. Norton Personal firewall is suitable for individual machines, but it may be worth investing in a Linux firewall.
Anti Virus comes in many shapes and forms from free software on the Internet, beware of downloading from sites before you check their reputation. Good places to look for references are news groups such as “google groups”, where people have used it and can tell you about their experiences with a particular product. The safest products are the boxed Norton and McAfee products and their range is quite extensive, each having different benefits.
Consider Spamkiller software too, as a lot of spam carries viruses, and viewing them in the preview pane in outlook does not prevent any attacks.
Wireless networks. Wireless access points have an encryption codes. Please check that have proper encryption facilities as it is possible for a stranger to walk past with a wirless laptop and pick up signals – and your data.
The ideal solution – do all of the above, including having software and a hardware firewalls together.
If you are not sure where to start looking for areas of vulnerability, getting a reputable IT company to test your security is a good move. They will in turn send a report highlighting areas of weakness’ and make suggestions for improvements.
Above all – if the worst comes to the worse, make sure you have done your regular backups, some data is better that no data!
For more information on IT security practices please contact Celia Hyde, Commercial Director www.smallbizcomputing.com
