security | səˈkyo͝orətē | Noun 1. the state of being free from danger or threat: the system is designed to provide maximum security against known threats.
Considering such a heavily loaded topic, we are obliged to disclaim any warranties as it relates to this information for our friends in positions of knowledge or counsel. Your honors, the evidence may also corroborate that not all organizations have the same security needs. On to the basics, shall we?
Most businesses - and individuals - do have data to protect. Some examples may be your various login credentials; your e-mail, your banking website, your auto loan provider, your Google or iTunes account, etc. You may have financial data stored on your computer in programs, or spreadsheets. You may keep records in plain text that could be used to compromise your identity, or worse!
Some of the buzz words for regulated data types are Payment Card Industry data (credit card info, or PCI) and Protected Health Information (medical record data, or PHI). These are not only worth protecting, there are laws that require it. These types of data can be stored in databases and those databases can reside in multiple places, such as your desktop computer, a local server computer, or a remote/cloud-based computer.
Your data is potentially valuable, but so is your money! Protecting your data is essential, but policies are equally important. We are surrounded by criminals, some simply call on the phone. Have policies in place, even if they are your own rules for unwanted solicitors.
A Few Points of Consideration
Speaking to the composition of a typical small business computer network, there are multiple points of entry into your "trusted network" from the "untrusted network" of the Internet. Some of these are:
A device that helps protect your network by guarding your connection to the outside world. Not all are created equally, and your Internet Service Provider's device typically does not qualify.
For Business: A properly configured, automatically updating Firewall is essential.
Software that helps protect your computer endpoints, and end users. Most current operating systems have integral means of creating software firewalls and in some cases "sandbox" environments to isolate software, but they are not complete solutions. A desktop security suite scans files for malicious software code, monitors for (and ideally inoculates) known anti-virus code, and may use technologies like heuristics to add some degree of intelligence to the system. These things being said, there is no replacement for user education and awareness.
For Business: Your desktop security may be reporting to a provider that is responsible for monitoring it. This is a service we provide, every day.
As new security threats emerge, software manufactures release updates that aim to fill the holes that have been discovered. These updates may be automatic in nature, or they may be manually updated. Operating systems must be updated, as well as additional software programs that are installed within.
For Business: Your system may benefit from more advanced software update configurations that control the type, frequency, and storage location of updates. This also benefits network performance.
You should always have multiple copies of your data, ideally onsite and offsite. You can read a prior post on this topic DATA BACKUP. Archiving your data has the obvious benefit of a "second chance", but there are security advantages as well. A successful data backup strategy secures your data from loss. In some instances, it may help you avoid paying a ransom to a ransomware criminal.
For Business: Your data archive strategy is critical, and should also include a Disaster Recovery Plan. We can work with you to determine the location of your mission critical data, determine the best method to archive it, and automate the process of copying that data to secure offsite storage. For the enterprise, virtual copies of your critical servers can be booted in the cloud until a local server is back online.
Providing your own cyber security is rarely a winning strategy unless you have a team in place to select the best software, implement it, monitor it, update it, and respond to any threats. We have been offering these services for over 17 years. As new threats and security products emerge, we discover and test internally. When we find a superior product, we make it available to our clients. You can see a list of our technology partners HERE.
Would you like more frequent tech news, scam alerts, and new product info? Follow us on Facebook!
Please call WinTech for all of your IT needs at 540-722-2122. Ask about our MSP program.