Why Your Business Requires Security

The States and Federal Identity Theft and Privacy Protection Laws now require businesses, agencies and organizations of all sizes to protect all personal information they store, and report to all their customers whenever a breach occurs. The financial ramifications after having a data breach can be very substantial to both present and future business. In some many cases a company never does recover from a breach and is forced to close down. Currently, the average cost on a company is $3.7M per incident.

Computer and Network Security

Computers and Networks Security are the primary attack point for identity thieves.

If unauthorized network security access go undetected, the breaches can force a company into bankruptcy. Security must authenticate, authorize and protect. Here are 15 time proven tips.

Time-Proven Computer and Network Security Tips

TACTIC DESCRIPTION

Firewall

  • Have IT install hardware firewalls
  • Don’t use just software firewalls
  • Small offices can use a router

Data Storage Encryption

  • Military grade encryption (AES, Triple-DES, Blowfish, Twofish)
  • Always use on laptops, memory sticks, CD-ROMs, etc.
Password Manager 
  • Uses two factor authentication
  • Limit the number of false authorizations before lock-out
  • Interfaces with existing databases

Updates to Operating System
  • Always keep your computer’s operating system current with the latest security patches
Anti-virus, Anti-spyware, Pop-up blockers
  • Every computer must have these installed
  • Run scheduled scans at least weekly
  • Keep their library data up to date

Disposal of electronics
  • Hard drives must be completely scrubbed using special software prior to disposal or reselling of computer
  • Old cell phone and PDA are best to smash and recycle than to sell on eBay

Web site updates
  • Don’t store personal information on the same server as the website
Disable USB ports
  • On some computers you want to disable the functionality of the USB port so someone cannot use a memory stick
Disable IM
  • Employees don’t need to be instant messaging with the computers since they could be sending sensitive information
Password protect documents

  • A password must be entered to open a document that has personal information
  • Keeps unauthorized users from access data

 

Use secure, strong passwords

  • Follow the 6-laws of password security: Length, Randomness, Complexity, Uniqueness, Rotation and Management
  • Use a token-based (i.e. smartcard) password manager so the above laws can be managed easily by employees

 

Password logon
  • Every computer must require a password to log on
  • Every network connection must have a logon password
Web site blocking
  • Get a blocking and monitoring software so employees are not going to inappropriate site
  • Inappropriate sites may try to install spyware onto the computer
Unknown emails
  • Inform employees of the dangers of opening up email links or attachments from unknown people
Secure Wireless Networks
  • All connections to a wireless network must be secure
  • Thieves are parking in front of companies and access network data with their personal laptop

 To learn more check out the blog page on Computer and Network Security

FLEXCAP
SiteLock