7 Tips for Small Business IT Security
Tuesday, February 2, 2010 at 03:33PM As on ABC Radio when I was interviewed along with Alastair MacGibbon on IT Security, I mentioned several resources and key tasks to ensure you maintain a good level of security for your organisation or family PC. Here is a quick summary and a list of resources.
- Passwords
- Weak password selection by users is still the most common way to compromise and organisation. Choose a phrase and use the first letter from each word as your password.
- Protecting your system from Malware;
- There are several good solutions some are even free my preferences are my pick of the free is AVG offering.
- The commercial offerings are always battling it out it the reviews and some shine above others. Sophos is something I often see in the field doing a good job IMHO.
- When selecting an antivirus or these days malware protection look for something that protects all of your online activity (Email, Web Browsing and Social Media)
- Patch your software;
- Windows users are often compromised due to lack of updating your software. The windows OS makes use of the built in software update process which should be set to Automatic.
- Third party software also needs to be regularly updated not sure if your it's up to date? Try using a free online tool from Secunia to check if there are any vulnerabilities for the software on your machine.
- Data Encryption
- Windows Encryption tools are very effective against casual attackers. There has been encryption in windows for many years all seamless to the enduser. Windows 7 and Vista have the Bitlocker tool which is simple to very simple to enable.
- Firewalls
- Are you concerned you might have some services exposed to the internet perform a quick free scan at the Shields up website and discover which ports are open.
- If your organisation is starting to look at something more than just a ADSL modem between you and the internet or you need more control on activities your employees are performing online then an entry level firewall will assist. They often do many if not all of the tasks of the corporate big boys without the need for costly staff or $$$. My recommendation for ease of use and features is the Watchguard range of systems.
- Online/Social Media
- The benefits of using facebook, myspace, linkedin and other social media sites to promote your business or catch up with friends and family is wonderful. But as online criminals increase there attack vectors be conscious of what you post online. My advice is don't post anything online that you are not prepared to pin to your letter box at the front of you house.
- Outsource
- If you are about to set up online but don't have the time or money to buy the right equipment or hire staff of consultants (Like myself). Consider looking at Rackspace who provide online virtual servers which you can get full access to and consult there excellent support staff.