No matter how much data and information is kept by your business, information security is a topic that needs to be addressed. While large companies may have entire departments dedicated to ensuring the security of their information assets, there are some basic steps a small business owner can take to significantly reduce the potential for a significant security incident. These basic tips are a combination of implementing the right technology and establishing and enforcing policies.
Make sure all computers have valid, up-to-date anti-virus software installed checking daily for virus signature updates.
Make sure all computers have the latest vendor software patches installed.
Never open an e-mail attachment you were not expecting, even if it is from someone you know.
Consider a gateway e-mail antispam and antivirus solution that will remove these messages before they ever reach your e-mail server.
Make sure your Web browser is configured for safety when browsing Web sites.
Never share a password, PIN, credit-card number, or any other sensitive data through e-mail or to a Web site that is not 100% trustworthy. Make sure that any page requesting this information on a Web site is protected through SSL and has a valid certificate.
Make sure all computer systems require a login and password to access. Passwords should have a defined minimum length, should be complex, and should expire after some period of time.
Enable or install personal firewalls on your computers.
Make sure you have a backup of your critical business data in an off-site location. If possible, this information should be encrypted if it is on portable media.
Provide basic computer security training to new employees and periodically send out reminders to all employees regarding security practices.
President & CEO