Ten Tips for Securing Your PC Systems
By Joshua Feinberg

 

Even if your small business doesn't have a vital or particularly vulnerable e-commerce function, the following are some easy-to-follow suggestions for organizing your efforts.

1. Survey where and how confidential data is being stored

Is your company making it too easy for the "bad" guys? Regardless of whether you perceive your highest risk to be a disgruntled former or current employee, competitor, or hacker, get proactive about pinpointing high risks.

For starters, how are data and files protected in some of the following sensitive areas? (You can't know what you need to protect until you know where these items reside.)

  • Bank accounts and securities records
  • Blank checks and other similar business forms
  • Client lists
  • Credit card numbers - including your corporate accounts, merchant accounts, and client transaction records
  • Personnel files - including employee performance and salary reviews, payroll data, bonus information, social security numbers (and their equivalent outside the U.S.), and offer letters
  • Profit margins, earnings projections, and any other "not-for-public viewing" financial statements
  • Proprietary data and other intellectual property - including formulas, recipes, trade secrets, and other patentable assets

2. Get serious about passwords

Do employees routinely "share" user names and passwords? (Do people know each other's logons?) Are employees allowed to use blank passwords?

How often are employees required to change passwords? How are logons and passwords changed when an employee resigns or is terminated?

Do you have a written policy forbidding employees from security-defeating practices, such as leaving their system logon on a Post-it note on their monitor?

Does your network file server enforce complex passwords, so that passwords must be a certain length and include upper case, lower case, and a mixture of both alpha and non-alpha characters?

3. Secure your network workstations

If your small business has invested in business class versions of Microsoft Windows on the desktop, such as Microsoft Windows NT Workstation 4, Microsoft Windows 2000 Professional, or Microsoft Windows XP Professional, are you leveraging their heightened security potential?

For example, do all of these PCs run the more secure NTFS file system? Are these PCs set to not display the name of the last user who logged on to the PC successfully in the logon dialog box? (This is the dialog box that pops up when you press Ctrl + Alt + Del to log on to the PC.)

Most importantly, is any sensitive company data being stored on PCs running the incredibly vulnerable operating systems from the Microsoft Windows 9x family?

4. Post a logon disclaimer referencing company policy

In many jurisdictions, you cannot prosecute a security breach unless you have a conspicuously posted logon disclaimer that's displayed before system logon. (If this is of concern, check with your attorney.)

Fortunately, adding a popup logon disclaimer is very straightforward to implement in the Microsoft Windows operating systems. Here's what we use (again, check with YOUR attorney before implementing): "WARNING - Unauthorized use of this system is prohibited. All usage subject to Terms and Conditions in Company XYZ's Policy on Acceptable Systems Usage."

This is also a great opportunity to reference any company-wide employee Internet access policy.

If you need assistance getting started with drafting such a policy, check out How to Write Your Company's Small Business Internet Usage Policy at http://www.smallbiztechtalk.com/news/archives/tips070201-ht1.htm
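
The workstation checks from tips 3 and 4 can be audited, and the banner applied, with a short script. This is an added example, not part of the original article; it assumes a Windows release that ships PowerShell, and the function name and the split of the banner into a caption and a body are choices made for the example.

```powershell
# Added example (not from the article): audit, and optionally set, the logon
# settings from tips 3 and 4. Reading works as a normal user; -Fix needs an
# elevated PowerShell session.
$PolicyKey = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'

# Banner wording as quoted in tip 4; replace with text your attorney approves.
$BannerText = "Unauthorized use of this system is prohibited. All usage subject to " +
              "Terms and Conditions in Company XYZ's Policy on Acceptable Systems Usage."

$Desired = [ordered]@{
    legalnoticecaption      = @{ Type = 'String'; Value = 'WARNING' }
    legalnoticetext         = @{ Type = 'String'; Value = $BannerText }
    dontdisplaylastusername = @{ Type = 'DWord';  Value = 1 }   # 1 = hide last user name
}

function Test-LogonHardening {
    param([switch]$Fix)   # without -Fix the run is read-only

    foreach ($name in $Desired.Keys) {
        $current = (Get-ItemProperty -Path $PolicyKey -Name $name -ErrorAction SilentlyContinue).$name
        $ok = "$current" -eq "$($Desired[$name].Value)"
        if (-not $ok -and $Fix) {
            # -Force creates the value or overwrites an existing one
            New-ItemProperty -Path $PolicyKey -Name $name -Value $Desired[$name].Value `
                -PropertyType $Desired[$name].Type -Force | Out-Null
            $ok = $true
        }
        [pscustomobject]@{ Check = $name; Compliant = $ok; Found = $current }
    }

    # Tip 3: local fixed disks (DriveType 3) should be NTFS, not FAT or FAT32.
    Get-CimInstance -ClassName Win32_LogicalDisk -Filter 'DriveType = 3' | ForEach-Object {
        [pscustomobject]@{
            Check     = "Filesystem $($_.DeviceID)"
            Compliant = ($_.FileSystem -eq 'NTFS')
            Found     = $_.FileSystem
        }
    }
}

Test-LogonHardening | Format-Table -AutoSize   # report only
# Test-LogonHardening -Fix                     # apply the banner and hide the last user name
```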

5. Build a security matrix to organize permissions

Do you know who has access to what and who doesn't? Is this documented somewhere?

To get started, put together a simple Microsoft Excel worksheet that lists various network shared folders and rights across the top of the columns, with a list of users or groups in column A.

Then at the intersection of each user and shared folder, indicate whether each user or group should be granted permission to the shared folder in question. This doesn't need to be a complex document. It should simply help you think about how data security needs to be applied company wide.
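
Once the matrix exists, it can be checked against the permissions actually granted. The script below is an added example, not part of the original article: it reads a matrix saved as CSV in the layout described above and reports every difference. The group names, share names, grants and the function name Compare-SecurityMatrix are constructed for illustration.

```powershell
# Added example: compare the tip-5 matrix with the share grants actually in place.
# Layout as in the article: users/groups in column A, shared folders across the top.
# All names and grants below are constructed sample data.
$matrix = @'
Principal,Accounting,Personnel,Public
OFFICE\Owners,Full,Full,Full
OFFICE\Bookkeeping,Change,,Read
OFFICE\Staff,,,Change
'@ | ConvertFrom-Csv

# Shaped like Get-SmbShareAccess output. On a file server, collect the real data with:
#   Get-SmbShare | Get-SmbShareAccess | Where-Object AccessControlType -eq 'Allow'
$actual = @(
    [pscustomobject]@{ Name = 'Accounting'; AccountName = 'OFFICE\Owners';      AccessRight = 'Full' }
    [pscustomobject]@{ Name = 'Accounting'; AccountName = 'OFFICE\Bookkeeping'; AccessRight = 'Full' }
    [pscustomobject]@{ Name = 'Personnel';  AccountName = 'OFFICE\Owners';      AccessRight = 'Full' }
    [pscustomobject]@{ Name = 'Personnel';  AccountName = 'Everyone';           AccessRight = 'Read' }
    [pscustomobject]@{ Name = 'Public';     AccountName = 'OFFICE\Owners';      AccessRight = 'Full' }
    [pscustomobject]@{ Name = 'Public';     AccountName = 'OFFICE\Bookkeeping'; AccessRight = 'Read' }
)

function Compare-SecurityMatrix {
    param($Matrix, $Actual)
    # Flatten the matrix into "share|principal" -> intended right; blank cells mean no access.
    $intended = @{}
    foreach ($row in $Matrix) {
        foreach ($cell in $row.PSObject.Properties) {
            if ($cell.Name -ne 'Principal' -and $cell.Value) {
                $intended["$($cell.Name)|$($row.Principal)"] = $cell.Value
            }
        }
    }
    $seen = @{}
    foreach ($g in $Actual) {
        $key = "$($g.Name)|$($g.AccountName)"
        $seen[$key] = $true
        $finding = if (-not $intended[$key]) { 'Undocumented grant' }
                   elseif ($intended[$key] -ne "$($g.AccessRight)") { 'Right differs' }
        if ($finding) {
            [pscustomobject]@{ Share = $g.Name; Principal = $g.AccountName; Finding = $finding
                               Intended = $intended[$key]; Actual = "$($g.AccessRight)" }
        }
    }
    foreach ($key in $intended.Keys) {      # documented in the matrix but never granted
        if (-not $seen[$key]) {
            $share, $who = $key.Split('|')
            [pscustomobject]@{ Share = $share; Principal = $who; Finding = 'Missing grant'
                               Intended = $intended[$key]; Actual = $null }
        }
    }
}

Compare-SecurityMatrix -Matrix $matrix -Actual $actual | Format-Table -AutoSize
```

With the sample data, the report lists three findings: Bookkeeping holds Full instead of Change on Accounting, Everyone has an undocumented Read grant on Personnel, and Staff lacks its intended Change right on Public.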

6. Back it up before you lose it

International Data Corp. (http://www.idc.com) has said that about 80% of small business and home office PC users have crucial data on desktop PCs and notebooks that's not backed up regularly. Don't become a statistic.

Make sure you implement and stick with an automated backup system, where you regularly monitor the log files and run test restore jobs. Also be sure to invest in a substantial media rotation plan and rotate your backup media off site on a daily or weekly basis.

7. Go on a power trip

Do you think your company and network are immune to power problems? Power disturbances can take many forms, such as surges, spikes, brownouts, sags, and blackouts. Utility companies cannot provide electric power that is consistent and clean enough for PC-related hardware.

So your company needs a strategy for coping with this lack of power reliability.

You need to protect not only your hardware from physical damage (i.e. getting "fried"), but even more importantly, your irreplaceable company data.

For an introduction to power protection, see my How to Keep Your Small Business Computer Systems Safe from Summer Storm Damage (Seven Simple Strategies to avoid the wrath of PC electrocution) at http://www.smallbiztechtalk.com/news/archives/tips050701-ht1.htm

8. Don't get tripped up by a virus infection

As web browsing and e-mail become mission critical for our small businesses, it's more important than ever to implement and regularly update an easy-to-follow anti-virus software regimen.

The single most important element in this strategy: you need to constantly update the scanning engine and virus signatures/definitions.

New virus strains are introduced daily. Anti-virus software that hasn't been updated in as little as 90 days becomes virtually worthless. If your anti-virus software updates aren't being done at least once every seven to ten days, you're courting trouble.

9. Tap into Microsoft's Free Tools

While many in the security "know" often ridicule Microsoft's massively embarrassing security failures, Microsoft does have monopoly-level market share in many categories and as such cannot be ignored.

First, make sure your systems are current on the latest patches, service packs, and hot fixes. The Windows Update (http://windowsupdate.microsoft.com/) and Office Update (http://office.microsoft.com/productupdates/) sites are a great starting point.

To learn more about this topic, check out our recent article Windows Update Keeps Your PC from Spawning Digital Cobwebs at http://www.smallbiztechtalk.com/news/archives/tips100801-bn1.htm

Second, you can get a quick pulse on your PC's basic security readiness with the Microsoft Personal Security Advisor.

Small Biz Tech Talk's recent coverage of this free tool, How Secure is Your PC? Get a free checkup from Microsoft Personal Security Advisor, is online at http://www.smallbiztechtalk.com/news/archives/tips092401-bn1.htm

Finally, take some time to look at Microsoft's new Strategic Technology Protection Program (STPP) at http://www.microsoft.com/security/.

10. Make sure your firewall is really a firewall

One of the best and only ways to keep the "bad" guys out is by investing in a firewall.

If you have centralized, network-based Internet access, your firewall needs to be integrated into your proxy server or router implementation.

For a network, your firewall should really be selected, installed, and maintained by a qualified computer consultant. If you have a standalone PC, especially one that has a full-time Internet access connection such as xDSL or cable modem, it's crucial to invest in a personal firewall. The good news: with easy-to-install and very inexpensive personal firewall offerings, there's no excuse for not being protected. As a starting point, check out ZoneAlarm Pro (http://www.zonealarm.com) or Symantec's Norton Personal Firewall (http://www.symantec.com).

11. Bonus tip - Don't neglect physical security

While it's great to identify and plug up all these individual vulnerabilities, don't forget about some of the more obvious items.

For example, if your server and backup tapes aren't kept in a locked room with limited access, could someone literally just walk away with all of your data?

Is your phone system, phone cabling, or network cabling in a telecommunications closet with "open" access, where someone could literally just walk in and plug in their eavesdropping equipment?

 

Copyright (C) 2001, KISTech Communications Corporation, Used by Permission

Joshua Feinberg is an internationally recognized small business technology expert, consultant, columnist, author, keynote speaker, and trainer. He is a published Microsoft Press author, as well as the creator of and two-year veteran writer of the Microsoft Direct Access "VAPVoice: Notes From the Field".  Learn what your highly paid computer consultant doesn't want you to know!

 


Copyright © 2002  Alliance Internet Marketing