Whether you missed our Computer Security workshop, or are just looking for some tips to better protect your workplace computer security, here are 10 quick tips that you can apply in your business to enhance your protection against the most common computer security threats.
- Use complex passwords
- The number one reason for unauthorised computer access is a result of employees using simple passwords and sharing their passwords with other employees.
- The main reason most people don?t have complex passwords is because they say ?It?s too hard. I have to remember soo many different passwords and pin numbers!?
- Use software like LastPass or KeePass (which works on your computer AND your mobile phone) to generate and store complex passwords.
- Require every employee to use a 12 digit, complex password (YES, with all the upper case, lower case, numbers, etc that drives us all crazy ? Do it! Your data is too valuable to risk as a result of password laziness!)
- Require password changes every 30-90 days. Do not allow passwords to be re-used.
- Review User accounts on your network
- It?s scary the number of businesses we have walked into and found user accounts for staff that left over 12 months ago, still active and quite often accessible from remote locations.
- Review the user accounts on your computer systems regularly and disable or delete any employee who no longer works at the company.
- Develop a procedure of what needs to be done upon the departure of an employee which includes backing up their files, email and locking out their access from all appropriate systems.
- Restrict access to USB and CD-ROM drives
- We are seeing a huge increase in viruses being introduced into otherwise ?secure? networks as a result of employees and even clients bringing infected USB devices into the office and plugging into a company computer.
- General employees should not need to install software themselves ? limit this to your computer guy.
- USB drives and CD-ROM drives are the number #1 cause of your intellectual property (data) being stolen. Once an employee has decided they are leaving, it?s already too late to stop them from taking copies of files that belong to your business.
- Lock down User access
- You may think this is over the top, but do not allow your employees to install software themselves. When a user complains about their computer running poorly we most often find it?s a result of software they have installed which installed ?junk? along with it, slowing down the computer.
- If staff can install software they can potentially compromise your computer security, creating holes so they can ?do what they want?, which opens your computer systems for viruses and attacks.
- Your business computer systems are a business tool, not a toy, and should be treated as such. If an employee wants to play ?IT Guy?, let him or her do it on their own home computer, not your valuable business equipment
- Install a Unified Threat Management (UTM) Firewall
- Most people don?t realise that the router/firewall supplied by the internet service provider, or purchased from a local store, is ?dumb?. All it does is provide multiple computers with internet access and block a very small percentage of internet based problems.
- Invest in a firewall that scans all internet activity for viruses, malware and spam, as well as allowing you to control what internet services and websites your employees have access to, reducing your exposure to internet based attacks.
- Keep your Software up to date
- Make sure all your software is kept up to date and patched.
- Over 1,000,000 new viruses get released every month targeting ?faults? hackers find with computer software. Using software that is not up to date and patched significantly enhances your chance of being a victim.
- Where possible invest in the software vendors support and/or maintenance program so you receive the latest version of software, all updates and telephone support. Yes it is going to cost you more money in software fees and you may feel you hardly ever need the support, but just like an insurance policy, you never know WHEN a problem may occur and as they say ?it?s better to be safe than sorry?!
- Ensure you are running an effective Anti Virus solution and it is up to date
- We read AV-Comparatives reports to keep up to date with the top rated anti virus software. If the software you are using in your business is repeatedly not in the top 5, you need to change.
- Of course don?t go changing every year as anti virus software is very competitive and products do change a lot. If the software you?re relying to protect your business from viruses is outside that top 5 for a long time, you are putting yourself at risk of problems!
- Run a weekly scan of all computers and files at the very least.
- Install a ?Second Defence? scanner to protect your computers from Malware
- Many viruses will target the anti virus software as the first part of their infection, which means even the best anti virus software can be thwarted.
- By using products like HitmanPro and MalwareBytes you provide your computers with an extra level of protection as these systems are run (scan) on demand and as a result are not as much of a target as your anti virus software.
- Run a weekly scan at the very least.
- Ensure someone is monitoring the health of your computer systems 24?7
- This may sound like a sales pitch, but to properly manage a computer network you need to read your computer and server log files, looking for any existing or potential problems; statistically monitor the CPU (Processor), RAM (Memory) and Disk (Storage) usage; Check anti virus definitions; Run anti virus sweeps and review the outcome; Manage Microsoft software updates and identify any computer that is not completely up to date; Review backup logs and run MANUAL backup tests to ensure your backups are working (just because the log file says it worked doesn?t mean it will work when you go to restore from it!!!); Look for potential security attacks on your systems; Identify software and processes running on your computer systems that should not be; ?and a lots of other things you should be doing, but are most likely not!
- To properly manage and monitor your computer systems takes a lot more time than most people realise.
- Invest in having this done for you ? a good IT firm with the right tools can do this more cost effectively and time efficient than you can do in house, with much better coverage of your systems. Trying to do this in house is crazy ? even if you have an internal resource, unless you invest in implement good systems that automate this process, there is still a high overhead in doing this properly and the last thing you want is for your business to be affected by a problem that could have been easily avoided with the right systems in place.
- Vet your staff
- Perform Police Background checks on every employee. Make sure that people who have access to your business are people you can trust ? beyond face value.
- We perform Police Background, Credit Checks and Random Drug & Alcohol tests on all our staff so that our clients know we have done everything possible to ensure that the people looking after them are the best people to be doing the job.
- What would your clients think if you found out one of your employees had been stealing money, leaking confidential client information, or any other possible problem as a result of their access to your data?
- Use these checks to highlight potential risks to your business, your data and your clients.
- Consult a HR/Employment specialist.
Computer Security Workshop DVD
If you did miss our Computer Security Workshop you can obtain a copy of the DVD which is an excellent tool to help learn about the threats to your business, get management and employee buy-in on why implementing tougher security protocols in your business will help, and outlines steps you can take to protect your business.
Regular Price: $39.95 inc GST which includes postage
Promotional Price: $19.95 inc GST till 30th of June, 2013.
To receive your copy, please fill in the form below.
Source: http://www.insane.net.au/2013/05/10-quick-tips-to-enhance-your-business-computer-security/
darvish george zimmerman website edmund fitzgerald uss enterprise white house easter egg roll 2012 andy cohen andy cohen
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.