What does information security mean? To many people, this means “making sure confidential information stays confidential”, in IT we sometimes include “ensure your systems feel at ease against a thing that may disrupt the business”. So a fault that allows someone (either accidentally or by malice) to stop your systems from working but doesn’t reveal confidential information might still be described as a security issue.
Some of the ideas here may require your small business to seek outside help. None of them, however, must be particularly expensive to follow.
Prioritize the problems you face
While it’s natural to bother with viruses and outside hacks (and you need to certainly be running anti-virus software), that may not be the greatest issue you face. What about the individual that you needed to sack recently for misconduct? What about the individual you know was upset regarding their pay rise this coming year? What about the temp who’s absolutely great at what s/he does but will accidentally delete a bad file? All these people may cause your organization issues, causing all of them to have a very much better possibility to accomplish that.
The best thing that can be done here’s to look at how your systems are set up and place together simple, easy-to-follow strategies to make certain that the access folks have – and so the damage they can do – is bound. For current members of staff, ensure that they’re only given what access they need to do their job, as well as for people leaving the corporation to ensure that whatever the circumstances, they return any equipment to remain issued with and many types of their usage of IT systems is revoked.
Thoroughly check PCs before re-using them
Ideally, you’d wipe PCs entirely and reinstall everything, but that’s not always practical in a small business. In any event, you must at least make certain that you remove any private information prior to deciding to hand your old PC onto the newest receptionist. This is especially vital if you have been utilizing it to keep confidential information – you almost certainly will not want last years’ pay review spreadsheet being printed, for instance.
This is useful advice even when there aren’t confidential facts about a PC as it gives you a chance to wipe any software that does not must be on there any longer. This subsequently cuts down on the probability of you accidentally exceeding your allotted licenses – which may be extremely expensive.
Centrally enforce updates
Do you know how your PC occasionally prompts you to definitely say “Your PC may be updated, please reboot”? And how it never prompts you at a nice convenient time like 5:30 pm on a Friday?
I know it’s annoying but those updates are there for the reason. More often than not, they fix security issues that have developed – and if you never put them to use, one’s body will likely be absolutely ripe for the next major problem that produces businesses worldwide to watch their IT collapse around their ears. Mercifully such events are pretty rare, but they do happen.
If you have got many PCs, it’s worth setting them up so that they all get their updates at a convenient time to ensure that nobody can disable it. If you have a site, you can do this centrally so you do not need to visit each PC subsequently.
Don’t do anything you don’t need to
Virtually every bit of technology you may use has a great big large list of things it might do – along with a rather shorter list of issues you actually value.
Here’s the rub:
Every extra feature your technology offers is the one other thing to travel wrong.
This does not imply you should turn things off indiscriminately – even for a specialist, it is an excellent approach to break systems! – nevertheless, you need to be thinking about “Do I really need this?”. Don’t assume you must explicitly enable this sort of function – frequently you will find systems ship already set up to you must do everything and down to that you turn off items you wouldn’t like.
Encrypt your laptops
Just because you need a password to use your computer does not imply that info on it’s automatically secure. It is still quite simple to access anything on the website – generally, all you need is a screwdriver. The solution is with something called encryption, which uses complicated maths to produce the info essentially impossible to go to without the password. There are a number of options available – from free products such as TrueCrypt to commercial products like PGP. There’s nothing wrong with using the free products, nonetheless, they have a tendency to offer substantially fewer ways of solving the problem of “Oh dear I’ve forgotten my password”. This is particularly crucial considering that as soon as the laptop is encrypted, nobody – not me, not you, not Bill Gates, not really MI5 – could get in the information about it with no password.