While small to midsized businesses, also called SMBs, don’t have the luxury of the information security teams and resources that large enterprises can afford, they still face many of the same threats.
Generally thought of as having up to 500 employees, small businesses actually make up the majority of companies in the United States, making them a critical part of the economy. Their customers naturally expect personal and financial data to be kept secure, and a data breach is a painful and expensive ordeal.
To that point, here are four reasons why desktop security is vital to your business, and the steps that you can take to improve your network and business security.
Institute the Security Basics
That means firewalls for wired and wireless access points, and anti-malware on endpoints and servers, while acknowledging that traditional signature-based anti-virus is a limited form of defense.
Consider technologies such as ‘whitelisting’ to prevent unapproved software downloads.
Be rigorous about patching all operating systems and applications as quickly as possible. If your business is short-staffed in terms of security expertise, seek outside technical support under a managed security services arrangement.
If there’s a malware outbreak, for instance, you will need that expertise.
Keep in mind that if your business accepts credit/debit cards, it’s mandatory to adhere to the data privacy requirements spelled out in the PCI guidelines, which also include encrypting sensitive information.
The government’s HIPAA security rules also require encryption of personally identifiable information in the healthcare industry. Encryption of data at rest and in transit is just a good idea — so why not do it?
Employee Training
Ensure that employees who use email and your Internet access are trained on what they are permitted to do and what they should never do, such as opening suspicious attachments.
Most companies employ a computer use policy that not only outlines how surfing the web in employees’ spare time can put the computer network at risk, but also explains how to avoid phishing emails and identify suspicious attachments.
Beware of Downloads Not Pop-Ups
Installing and maintaining a good firewall will help block Internet traffic to and from nefarious or malicious sites.
You may have knowingly downloaded this software in exchange for free services or you may be unaware that it is on your computer (for example, if you download several software programs bundled into the same download).
Beware of downloading software with offers of “free email virus protection,” a “no cost Internet accelerator” or other such enticements if you have to give up your privacy and the security of your online financial transactions. These offers can result in a third-party company monitoring your Internet activity.
Back Up Your Files
It’s scary to think of hackers getting control of all your personal information, but it’s scarier to think that all of your hard work could disappear in an instant without a proper backup in place.
Make sure that you have taken adequate steps to back up your data, and for important data (anything important to the business but that doesn’t get updated frequently), centralize it on a server and back it up semi-regularly off-site.
Here’s Kevin Baylor with Alliance IT breaking down the 3-2-1 method of backing up your data.
Conclusion
Most companies wait far too long to evaluate their security risk and network health.
These are not simply suggestions for ways to do regular maintenance, but rather mandatory essentials for any company to employ in order to prevent disaster.
Ask anyone who has had a computer die, or a virus wipe them out. It’s not an uncommon occurrence. So before you wind up with a real-life nightmare of a down and possibly unrecoverable network, exercise the preventative measures needed to maintain your network’s security and health on a regular basis.