The recent troubles of Sony and Nintendo have caused the security of business IT systems to become a hot topic in the media, highlighting the importance of online security; something which is often ignored. While these stories may give the impression that only large corporations are targeted by hackers and thieves, the reality is that hackers are increasingly targeting small businesses because they usually do not have the resources or know-how that large corporations do.
Whether the threat is from an unhappy ex employee, a spam site or a malicious hacker, IT security issues can be very hurtful to your business. The cost to buy replacement equipment or combat any bad press or loss of business after “losing” customer’s information can be hard to recover from; however there are some easy steps which you can take to prevent and avoid these events.
- Use a well respected and reliable hosting service that has a proven track record for safety and quality of service.
- Install a firewall for your internet connection that has been correctly configured.
- Install anti-virus software on all computers, laptops and servers and remember to update it on a regular basis to defend against the most current malware and viruses etc.
- Instruct all employees to create passwords with special characters and numbers, not just their cat’s name. Ask employees to keep the password to themselves and to not write it down. Delete ex-employees’ access rights as soon as they leave.
- Restrict the use of USB flash drives and make sure they are ‘signed out’ when needed. Keep records of who owns a flash drive and ensure that all information on the drive is logged.
- Monitor social media usage. Phishing sites are often posted on both Facebook and Twitter which enables the computer to be hacked, either resulting in virus/malware or personal information being taken from the computer.
- Password-protect your wireless connection. Encrypt your Wi-Fi by turning on WEP (Wired Equivalency Privacy) or WPA (Wi-Fi Protected Access) on all of your devices.
- Provide training for employees on the above points and create a reference guide on your security procedure. Once created ask employees to sign that they agree to the procedures.