No matter how much data and information is kept by your business, information security is a topic that needs to be addressed. While large companies may have entire departments dedicated to ensuring the security of their information assets, there are some basic steps a small business owner can take to significantly reduce the potential for a significant security incident. These basic tips are a combination of implementing the right technology and establishing and enforcing policies.
• Make sure all computers have valid, up-to-date anti-virus software installed checking daily for virus signature updates. • Make sure all computers have the latest vendor software patches installed. • Never open an e-mail attachment you were not expecting, even if it is from someone you know. • Consider a gateway e-mail antispam and antivirus solution that will remove these messages before they ever reach your e-mail server. • Make sure your Web browser is configured for safety when browsing Web sites. • Never share a password, PIN, credit-card number, or any other sensitive data through e-mail or to a Web site that is not 100% trustworthy. Make sure that any page requesting this information on a Web site is protected through SSL and has a valid certificate. • Make sure all computer systems require a login and password to access. Passwords should have a defined minimum length, should be complex, and should expire after some period of time. • Enable or install personal firewalls on your computers. • Make sure you have a backup of your critical business data in an off-site location. If possible, this information should be encrypted if it is on portable media. • Provide basic computer security training to new employees and periodically send out reminders to all employees regarding security practices.
Michael Proper President & CEO DirectPointe Lindon, Utah