From home security systems to LoJack for our cars, security is an important issue in many aspects of our daily lives.
However, when it comes to safeguarding our business from internet security threats, the dangers range long and wide and should be taken seriously.
To protect your business from these threats is not as daunting as one might think. With a little foresight and some proactive preparation, any business no matter how large or small can arm themselves from predatory attacks that risk compromising sensitive data about the company, clients and employees.
This article will address 6 tips to keep your business secure from online threats.
1. Operating System Updates
We all see those Microsoft updates from time to time as we are ready to shut down our computers and call it a day. No matter how much of a rush we are in to get home, those Microsoft updates are critical to keeping your computer’s operating system up to date with the latest security patches.
Hackers – both small and big time – literally spend their days trying to find vulnerabilities in Microsoft programs in order to do harm – even if for the sheer enjoyment of “finding a Microsoft bug”. Microsoft then tasks their programmers to fix that vulnerability, and they release it in the form of an update to the masses.
2. Software Updates
Similar to the same concept of Operating System Updates, software updates are put out by businesses who sell their own software. It could be a company like Microsoft that releases a Word or Outlook update, or it could be a small company that sells picture framing software to a niche market.
Any company that sells software will inevitably offer software updates. This is very common with anti-virus software programs which must constantly keep updating their software anytime their software is attacked.
Other important pieces of equipment to keep updated are your firewall and router settings. These are pivotal areas in which if not updated, can be an open door for intruders. Keep these up to date and install all the proper updates in a timely manner.
Not all software updates are necessarily a reaction to security threats. Software updates also include improvements to existing features – or adding new functionality. Bottom line – keep up to date with your software.
It seems everything today requires a password – from email to voice mail to online banking and the list goes on. As mundane as it may sound, periodically change your old passwords to new passwords is a smart way to keep your accounts secure and private.
This is especially true with any accounts that contain sensitive information, such as bank account numbers, social security numbers, credit card numbers, home addresses, etc.
4. Encryption Software
For businesses which require enhanced security protection, investing in encryption software can be used to protect consumers’ financial data from theft. This type of software can encrypt anything from individual files to an entire partition on your hard drive, or even a storage device – for example thumb drives, flash drives or USB drives.
If you have particular folders or sections of your hard drive that contains extremely sensitive information, using encryption might be a good idea. Should someone steal your hard drive and gain access they will not be able to read those important documents.
5. Secure Web Pages
For businesses conducting credit card transactions online, it is required to process financial transactions through a secure server. These webpages which are on your secure server have a certificate that is used to verify its legitimacy.
You can determine if a page is secure by looking at the URL in the web address bar in the browser. If the “http” has an “s” on the end like this: https://www.example.com, then it is running through a secure server.
Never submit your credit cards over any connection that does not have a secure connection. It is also a good practice if you are purchasing a product from a company you have not done business with before, to check and see if they have a customer service phone number. If they do not, it might be a red flag that the company is not legitimate.
6. Limit Inter-Office Access.
Wouldn’t it be wonderful to trust everyone that ever walked through your office doors? Of course it would – but in business this isn’t always the case.
No matter how small a company, it is standard practice (or at least it should be) to have policies in place which address expected security guidelines and protocol employees (and owners) must adhere to.
Some common office practices are:
a. Shred all documents with a cross shredder. It is important that all paper copies of sensitive data such as contracts, drafts, proposals, price quotes, etc., are properly disposed of. Using a shredder is a practical solution to destroying these documents. Make sure to incorporate a schedule where these shredded documents are taken out for recycle or for the trash.
b. Have a schedule for updating passwords. Changing user passwords for systems which contain customer or company information periodically can help keep old passwords that have been floating around out of reach by potential hackers – or even former employees. The more sensitive the data, the more frequently the passwords should be changed. All computers should be password protected as well.
c. Anti-virus software should be installed on all employee computers. Make sure the software is set to receive updates and is renewed annually. If emails are handled through an internal server make certain the server is protected with anti-virus and other security software designed for servers.
d. Encrypted phone lines or SIP trunks. For companies which rely on extremely confidential conversations such as lawyer offices, medical offices and financial institutions, it is important to encrypt data and voice lines. There are some industries such as health and banking, which are required by law to adhere to specific security measures according to HIPPA, and Sarbanes – Oxley.
Following these rules and guidelines are just the beginning to keeping your business secure from internet and even internal threats.
These practices must be continually refined as new threats arise and employee turn over occurs. By taking as many precautions as possible, you will be able to better guard your assets from those who threaten to take them from you.
This post was contributed by EtherSpeak, Inc., a certified SIP Provider for Microsoft Lync and other Unified Communications systems. In the ever growing world of cloud based systems and applications, online phone communications is just one of the areas where security and privacy is often overlooked. EtherSpeak recognizes the need for security and educates their users about the need for company wide security standards – and hopes you found this article beneficial and useful.