Ten Ways to Secure Your Small Biz Computer Network
If you don’t have a full-time IT staff or a company like Plexus taking care of your computer infrastructure, here are 10 basic things you can do on your own to keep your office network running smoothly.
- Keep Your Anti-Virus Program Current – Make sure your anti-virus program subscription is current and the software is updating properly. Just because anti-virus software came with your computer does not mean it is protecting you, so make sure. I do not recommend the Nortons and MacAfees of the world, the ones that usually come with a free trial on all new PCs these days. If you did not purchase the subscription I recommend instead installing the free versions of AVG or Avast which were ranked higher by Consumer Reports than the best known brands. For your servers, however, I recommend Trend Micro which will come at a very reasonable price, especially compared to the cost of recovering all your critical files from an infected server.
- Use an Internet Gateway Appliance – You’ve probably heard the advertisements on the radio for spam blocking firewalls, but there are many equally effective, less expensive or free options, such as that from Untangle. These devices sit between your Internet connection and all of your computers to filter out any kind of junk whether it is hitching a ride on a website or an email. My feeling is that if a bug is trying to get into my house, I want to stop it at the front door rather than catch it in the kitchen, so let’s keep these things from ever reaching your computers
- Be Vigilant – Even if the email is from someone you know, if you are not expecting an attachment, don’t open it. If the email includes a web link, are you sure you need to click it? If a sales guy shows up and wants to show you files he has on his flash drive, politely decline. A couple of years ago a colleague and I were interviewing local developers for a relatively small database project. As he twirled his shiny keychain flash drive on his finger, he offered to copy the data files so he could take a closer look at home and get back to us. Suffice to say we declined and said we’d get back to him.
- Limit Employee Computer Use – If your employees have unfettered web access from their computers, you’re probably inviting trouble if they don’t need web access to perform their job duties. Appliances like Untangle can easily block, limit or monitor web activity by each user. For a cheap alternative, check my blog my post from back in January about a free and effective web blocking tool built right into Internet Explorer called Content Advisor.
- Control CD Burners and External Media – CD/DVD Burners, Flash drives and cell phones make data incredibly portable. So portable that critical company data could walk right out the front door snuggly tucked away on the flash drive of a temp, or in the iPod of an unhappy employee. Just like the Internet, if they don’t need it to do their jobs, don’t give it to them. Here’s a link for free tools to turn off USB ports and CD burners.
- You Must be ‘This High’ to Go on this Computer – If kids visit the office, don’t let them on the computers. If you leave your computers on overnight, make sure to lock them (Control + Alt – Delete + Lock Computer). We wouldn’t want to tempt the cleaning crew or their kids, now would we?
- Routine Maintenance – Back in the I Love You, Nimda and Melissa Virus days we pulled a few all nighters cleaning machine after machine that were infected, not because they did not have anti-virus software, but because they lacked the latest Microsoft patch that plugged a security hole. For workstations we recommend setting Windows Update to automatic. As needed the computer will receive and install needed Microsoft security and software updates. Make sure that your anti-virus is configured the same way. For servers, I recommend configuring it to download the updates, but let me choose when to install them. This way I can do the updates after hours or on the weekend so, if there are problems, I have plenty of time to fix it before people start showing up for work.
- Secure Your Wireless Network – When Wi-Fi first came on the scene I could almost count on having a free Internet connection wherever I went thanks to people being too lazy or too intimidated to configure wireless network security. Today, however, they are easier than ever to secure, so make sure yours is before people start hanging out in your parking lot with a laptop and latte to surf your network and send god-knows-what to god-knows-who.
- Windows File Permissions – The Windows operating system has got permission settings built into it to limit or grant access to people or groups. For example, if you have a folder with files you only want you and your accountant to access, but not Becky the Admin Assistant. Or, perhaps you have performance reviews to which only you should be privy, you can set that up as well. These are easy to set up, but you might require a little training first. Give me a call and I can walk you through the process. If you try it alone, practice on a new folder with dummy files rather than accidentally lock yourself out of the payroll folder.
- Disaster Recovery – Some call this Disaster Prevention Planning, as in, let’s avoid having to recover to begin with, but I like the term Business Continuity Plan, as in, disaster or not, let’s make sure our business continues to run unaffected. No matter what you call it, do you have a plan and some mechanism in place to help you stay in business, or at least recover quickly if there’s a flood, an earthquake or someone forgets to pay the power bill? Trust me, I’ve seen all those things happen. If not, here are some questions to ask yourself when developing your plan:
- Do I have an up-to-date, reliable backup of my data?
- Do I know how to use the backup software to recover my data?
- Do I have a copy of the software needed to run the data?
- Do I have a computer to install the software and data on?
Once you have your plan in place, test it out so you can discover and fix its shortcomings then make sure everyone knows the plan exists and run through it with them.
If you’d like help developing a business continuity plan or implementing any of the other measures described above, please give us a call. we’re happy to help!