1. Cover the Basics
Protecting your business from unwanted cyber attacks, snoopers and other threats starts with establishing basic computer security measures in your workplace.
Physical security. The first step is to have some basic physical security (minimum US standards are defined by the HIPAA Security Rule). Start with a locked door to prevent access to your server. Consider implementing a timed screen saver and Filopto's automatic log-out, which help keep prying eyes away from sensitive data. Protect your server from power outages or brownouts, and the data corruption they can cause, with an Uninterruptible Power Supply (UPS).
Keep your servers in a safe place. Businesses must make sure that their servers are not vulnerable to physical calamities. Locate these machines in a secure, dry, well-ventilated (cool) room, not in a hallway or under a desk where someone might inadvertently kick them, spill coffee on them, or mischievously tinker with them. Your server room should have no windows and a single door you can lock. Server cases should also be locked to prevent tampering with internal components. Know which employees have keys to the server room. You should also keep a record of the serial numbers of your servers, and mark them with your company information, so they can be identified and recovered if stolen.
Set up a firewall. A firewall helps block intruders on the Internet from gaining access to your computers and business data. A hardware firewall (router) is best because it protects all the PCs on your business network. Running a software firewall on each machine as well is also a good idea: Windows comes with a built-in software firewall to protect your PCs. Make certain it is turned on.
If you have an always-on broadband Internet connection, chances are your company's computer network is randomly probed by criminal hackers. Once they stumble on a valid computer address, they try to exploit vulnerabilities in software or guess passwords to gain access to your network, and ultimately to individual machines and everything on them.
Like a moat around a castle, a firewall can block intruders from gaining access to your private network. There are two basic types of firewall:
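The Windows firewall part of this advice, as an added example that is not from the Filopto help file: it checks that the built-in firewall is on for every profile, blocks unsolicited inbound traffic by default, and opens the database port only to the office LAN. The port (3050, Firebird's default, assumed because Filopto's data file is an .fdb) and the LAN range 192.168.1.0/24 are assumptions; change both to match your network. Run it from an elevated PowerShell prompt on Windows 8 / Server 2012 or later.

```powershell
# Added example (not from the Filopto help file). Requires an elevated PowerShell
# prompt on Windows 8 / Server 2012 or later (NetSecurity module).
# Assumptions: the Filopto database server listens on TCP 3050 (Firebird's default)
# and the office LAN is 192.168.1.0/24; change both to match your network.
$dbPort = 3050
$lan    = '192.168.1.0/24'

# 1. Show whether each profile is on and what it does with unsolicited inbound traffic
Get-NetFirewallProfile |
    Select-Object Name, Enabled, DefaultInboundAction, DefaultOutboundAction

# 2. Turn the firewall on for every profile and block inbound connections by default
Set-NetFirewallProfile -Profile Domain, Private, Public -Enabled True -DefaultInboundAction Block

# 3. Allow the database port, but only from the LAN and never on the Public profile
$ruleName = 'Filopto database (LAN only)'
if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Protocol TCP `
        -LocalPort $dbPort -RemoteAddress $lan -Profile Domain, Private -Action Allow | Out-Null
}

# 4. Check: list every enabled inbound rule that opens the database port, so you can
#    spot one whose RemoteAddress is 'Any' (that would expose the database to the Internet)
Get-NetFirewallPortFilter | Where-Object { $_.LocalPort -eq "$dbPort" } |
    Get-NetFirewallRule | Where-Object { $_.Direction -eq 'Inbound' -and $_.Enabled -eq 'True' } |
    ForEach-Object {
        $addr = ($_ | Get-NetFirewallAddressFilter).RemoteAddress
        [pscustomobject]@{ Rule = $_.DisplayName; Profile = $_.Profile; RemoteAddress = ($addr -join ',') }
    }
```

Step 4 is the check worth repeating after any software install: vendor installers sometimes add their own "allow from anywhere" rules, and the hardware firewall in front of the server does not protect it from machines already on the LAN.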
Install anti-virus and anti-malware software on all computers. Running anti-virus and anti-malware programs on your server is as important as running them on a client PC. Look for programs that not only detect and disable viruses and malware, but that are regularly updated for new viruses and malware. If running anti-virus/malware software on the server, make certain to exclude the "Filopto.fdb" database file from scanning, or severe performance issues will arise. Exclude only that file: excluding the whole folder or drive would leave the rest of the server unscanned. See AntiVirus / Firewall Issues for more details.
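An added example (not from the Filopto help file) of doing this with the Windows Defender cmdlets: it reports whether real-time protection is on and how old the definitions are, adds a scan exclusion for the database file only, and then lists the exclusions so you can spot one that is broader than intended. The database path C:\Filopto\Data\Filopto.fdb is an assumption; use the path your server actually reports. A third-party product has its own console for the same settings.

```powershell
# Added example (not from the Filopto help file). Uses the built-in Windows Defender
# cmdlets (Defender module) from an elevated prompt; a third-party product has its own console.
# Assumption: the database lives at C:\Filopto\Data\Filopto.fdb; use the path your server reports.
$dbPath = 'C:\Filopto\Data\Filopto.fdb'

# 1. Is protection on, and are the definitions current?
$status = Get-MpComputerStatus
[pscustomobject]@{
    RealTimeProtection  = $status.RealTimeProtectionEnabled
    SignatureAgeDays    = $status.AntivirusSignatureAge
    LastSignatureUpdate = $status.AntivirusSignatureLastUpdated
}
if (-not $status.RealTimeProtectionEnabled) { Write-Warning 'Real-time protection is OFF' }
if ($status.AntivirusSignatureAge -gt 3)     { Write-Warning 'Definitions are more than 3 days old' }

# 2. Exclude the database FILE only. Excluding a whole folder or drive would leave
#    everything else on the server unscanned, so keep the exclusion as narrow as possible.
$existing = @((Get-MpPreference).ExclusionPath)
if ($existing -notcontains $dbPath) {
    Add-MpPreference -ExclusionPath $dbPath
}

# 3. Check the exclusion list for anything broader than intended (e.g. 'C:\' or a folder)
(Get-MpPreference).ExclusionPath | ForEach-Object {
    [pscustomobject]@{ Exclusion = $_; IsFolder = (Test-Path -Path $_ -PathType Container) }
}
```

Any entry with IsFolder = True deserves a second look; malware that lands in an excluded folder is never scanned.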
Use strong passwords. A password should be required to log on to every computer and server in your workplace. Strong passwords have a mix of uppercase and lowercase letters, numbers and symbols. Make sure users are required to change their passwords regularly. The following web sites can help you learn what a secure password looks like: http://howsecureismypassword.net/ and http://strongpasswordgenerator.com/ (never type a password you actually use into a third-party web page; use such sites only to test the pattern).
Most small businesses use passwords to authenticate identity, whether on computers, cash registers or alarm systems. Though there are more sophisticated authentication systems, such as smart cards and fingerprint or iris scans, passwords are most common because they are easy to use. But they are also easily misused. Hackers have automated tools that can guess simple passwords in minutes. Crooks may also trick employees into divulging their passwords. And too often passwords are not effective for these reasons:
Educating your staff about the importance of passwords is the first step in making passwords a valuable network security tool. Employees should regard their password the same way they would an office key. In other words, don't leave it lying around and don't share it. They should also avoid weak and easy-to-guess passwords that include the following:
What does a "strong" password look like? It should have the following characteristics:
For more detailed information on how to create a secure password, see the "How to: Create a Secure Password" section of the help file.
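An added example (not from the Filopto help file) that turns the rules above into a check you can run before a password is accepted, and then has Windows enforce length, expiry and history. Test-StrongPassword applies the criteria the text gives (upper and lower case letters, numbers, symbols) plus two assumptions of mine: a minimum length of 12 and a small constructed list of easy-to-guess words. The three candidate passwords and the user name jsmith are constructed samples.

```powershell
# Added example (not from the Filopto help file). Test-StrongPassword applies the rules
# given in the text (upper and lower case, digits, symbols) plus two assumptions: a minimum
# length of 12 and a small, constructed list of easy-to-guess words.
function Test-StrongPassword {
    param(
        [Parameter(Mandatory)] [string] $Password,
        [string] $UserName = '',
        [int]    $MinLength = 12
    )
    $problems = @()
    if ($Password.Length -lt $MinLength)      { $problems += "shorter than $MinLength characters" }
    if ($Password -cnotmatch '[A-Z]')         { $problems += 'no uppercase letter' }   # -c = case-sensitive
    if ($Password -cnotmatch '[a-z]')         { $problems += 'no lowercase letter' }
    if ($Password -notmatch '[0-9]')          { $problems += 'no digit' }
    if ($Password -notmatch '[^A-Za-z0-9]')   { $problems += 'no symbol' }
    if ($UserName -and $Password -match [regex]::Escape($UserName)) {
        $problems += 'contains the user name'
    }
    foreach ($word in 'password', 'welcome', 'letmein', 'qwerty', 'filopto') {   # constructed list
        if ($Password -match $word) { $problems += "contains '$word'" }
    }
    [pscustomobject]@{
        Length   = $Password.Length
        Strong   = ($problems.Count -eq 0)
        Problems = ($problems -join '; ')
    }
}

# Constructed sample passwords; only the last one passes every rule
foreach ($candidate in 'Summer2024', 'jsmith!Pass1', 'Blue-Kettle#Rides9Trains') {
    Test-StrongPassword -Password $candidate -UserName 'jsmith'
}

# Make the operating system enforce length, expiry and history on a stand-alone server
# (in a domain, set the same values with Group Policy instead):
net accounts /minpwlen:12 /maxpwage:90 /uniquepw:5
```

The second sample fails even though it has every character class, because it contains the user name; that is the kind of "strong-looking" password the automated tools in the paragraph above try first.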
Back up your files. Disasters happen and equipment fails; if you haven't saved your important files and information on a separate off-site storage system, all your critical business application data could be lost. (See the System Backup section for more information.)
Update your software. Hackers like to find and exploit bugs and loopholes in popular software products. Some do it for money, some to make a statement, some simply to cause trouble. And they can cause trouble: exposing customer credit card numbers or personal information on a website, or stealing passwords from a computer. The impact on a business can be fatal. Software updates typically include the latest security fixes. Updates for Microsoft products are available from Microsoft Update and the Microsoft Download Centre. Filopto's updates are available from the Filopto Update web site.
2. Regulate Access to Information
Not everyone should have access to everything in your workplace. If your business runs a Windows Server operating system, you can permit and restrict employee access to documents, spreadsheets or other business files. You can also designate in Windows and Filopto whether a user is permitted to just read a file or change it. Here are tips for regulating access.
Practice least privilege. With Windows Server, it is possible to assign users different permission levels. Rather than giving all users "Administrator" access, which is not a best practice for maintaining a secure environment for PCs or servers, you should use your servers to manage client PCs. Windows Servers can be configured to give individual users access to specific programs only, and to define which user privileges are allowed on the server. This ensures users can't make changes in areas that are critical to the server or client PC operation. It also prevents them from installing software that may introduce a virus or otherwise compromise the integrity of your network.
• Create groups of users and assign permissions and privileges to them rather than to individual users. This saves you time administering access rights.
• Create your user groups based on roles, such as sales representatives. Then assign a set of permissions that are relevant to performing the tasks defined for that role.
• Set access rights for each role to the minimum levels required for users to do their jobs. For instance, if the sales representative group only needs to be able to read a customer profile, do not also give them rights to share or delete the file.
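The three steps above carried out on a Windows file server, as an added example that is not from the Filopto help file: create a role group, add its members, then rebuild the customer-profile folder's permissions so that only Administrators, SYSTEM and the role group appear, with the role group limited to read and execute. The group name SalesReps, the members alice and bob, and the folder D:\Shares\CustomerProfiles are assumptions. It uses the LocalAccounts cmdlets (Windows Server 2016 / PowerShell 5.1 or later); in an Active Directory domain create the group with New-ADGroup and Add-ADGroupMember instead and use 'DOMAIN\SalesReps' in the access rule.

```powershell
# Added example (not from the Filopto help file). Run as an administrator on the file
# server (Windows Server 2016 / PowerShell 5.1 or later for the LocalAccounts cmdlets).
# Assumptions: a local group 'SalesReps', members 'alice' and 'bob', and the folder
# D:\Shares\CustomerProfiles. In a domain use New-ADGroup / Add-ADGroupMember and
# 'DOMAIN\SalesReps' in the access rule instead.
$group   = 'SalesReps'
$members = 'alice', 'bob'
$folder  = 'D:\Shares\CustomerProfiles'

# 1. A role group, not per-user permissions
if (-not (Get-LocalGroup -Name $group -ErrorAction SilentlyContinue)) {
    New-LocalGroup -Name $group -Description 'Sales representatives (read-only customer profiles)' | Out-Null
}
foreach ($m in $members) {
    if (-not (Get-LocalGroupMember -Group $group -Member $m -ErrorAction SilentlyContinue)) {
        Add-LocalGroupMember -Group $group -Member $m
    }
}

# 2. Build the folder's ACL from scratch: stop inheriting from the parent, drop any
#    explicit rules, then grant only what each role needs.
$acl = Get-Acl -Path $folder
$acl.SetAccessRuleProtection($true, $false)          # protect; do not copy inherited rules
foreach ($rule in @($acl.Access)) { [void]$acl.RemoveAccessRule($rule) }

$inherit = [System.Security.AccessControl.InheritanceFlags] 'ContainerInherit, ObjectInherit'
$prop    = [System.Security.AccessControl.PropagationFlags]::None
$allow   = [System.Security.AccessControl.AccessControlType]::Allow
$grants  = @(
    @{ Id = 'BUILTIN\Administrators'; Rights = 'FullControl'    }
    @{ Id = 'NT AUTHORITY\SYSTEM';    Rights = 'FullControl'    }
    @{ Id = $group;                   Rights = 'ReadAndExecute' }   # read only: no modify or delete
)
foreach ($g in $grants) {
    $acl.AddAccessRule((New-Object System.Security.AccessControl.FileSystemAccessRule(
        $g.Id, $g.Rights, $inherit, $prop, $allow)))
}
Set-Acl -Path $folder -AclObject $acl

# 3. Check: the list should show exactly the three entries above and nothing inherited
(Get-Acl -Path $folder).Access |
    Select-Object IdentityReference, FileSystemRights, AccessControlType, IsInherited
```

If the folder is also published as a network share, the share-level permissions (Grant-SmbShareAccess) are a separate list; the user's effective right is the more restrictive of the share and NTFS permissions, so a "Full Control" share permission does not undo the read-only NTFS entry, but a read-only share permission would block a group you meant to allow to write.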