A guest post from Dave Locke of Value Added Systems - a leading edge provider of comprehensive IT Services, from systems design to implementation and management
IT security is often one of the most overlooked parts of managing your business and can be one of the least understood. This is especially true for small organizations without the help of a full IT service department running 24/7/365. Even if you do have an IT department or work with a third 3rd party vendor, it’s always great to regularly review processes to make sure your business and critical business data is protected from external threats. With new vulnerabilities being detected every day, and frequently coming from some of the most unlikely sources, your systems need to be protected using multiple layers.
In the world of IT security, we often look at 2 options; Re-Active and Pro-Active. While both have their merit, a redundant combination is often the only way to protect your business and data. Having a purpose-built IT security strategy and budget is imperative to eliminate system downtime and data loss.
In order to implement a successful IT strategy, it’s important to consider all areas of potential risk. Starting with the hardware, a great place to start is with evaluating your Internet connection. Having a proper Firewall in place to protect your business from the outside world will help block unwanted traffic and allow the connections that drive your business. This is truly a Pro-Active first step.
Just as your doctor will recommend any number of immunizations to protect yourself from unwanted infections when travelling in a foreign country, your computers also require protection when given access to the internet. The right Anti-Virus and Anti-Malware protection (such as Cylance) work to keep your computer safe from all the little bugs that you will encounter as you browse different areas of the internet. This offers both a Re-Active and Pro-Active step to staying safe while gaining access to all the information the internet has to offer!
Another big security concern is around protecting and managing your data. When you have issues accessing critical business data your business can’t afford to waste time finding out what happened – first and foremost you need to get your data back so that you can continue to operate business as usual. Only then can you dedicate time to diagnosing issues. This leads us to the 3 B’s of IT security: Backups, Backups, Backups! When it comes to backup management, working Pro-Actively is the only option. Having a copy of your data replicated to a central server of storage location is great for a fast restore, but if the whole network gets infected or the central storage fails, you want to be able to access information that has been stored on offline media. Tapes or USB drives both work great and are a fast solution for lost data and give you a second line of defence. Adding a 3rd level of media protection by rotating copies offsite also provides that extra level of protection from theft and environmental disasters like a fire or the sprinkler system going off. Taking advantage of cloud-hosted offerings for backups takes the responsibility out of your hands and means you never have to remember to change a tape or swap a drive.
One of the last major points to consider is also one of the most used services for business computers - EMAIL. As one of the most common communication methods across businesses today, email also presents one of the biggest security concerns. While there is no surefire way to prevent the worst, having some of the best spam filtering options in the market at your disposal can help stop threats before they ever become anything serious. Pro-Active scanning options provide some of the most active and advanced threat protection scanning tools so that emails are authenticated before they ever hit your inbox or mail server in the first place. As a second level of protection and for those with on-premises email servers, some spam filter options will queue your email if your local server is not accessible for any reason.
While the above examples only cover a couple of the many ways to protect your network and your data, a review of current strategies is often the best place to start. Begin by finding out what protection you currently have and how it works, to then identify any gaps and allow you to prepare a disaster recovery plan. Each business has unique requirements and so working with a knowledgeable team and the right people can help you make informed decisions that work best for your business needs.