How to Keep Your Office IT Network Secure
As a recent spate of security attacks, including Target's infamous data breach (110 million customers' credit card data lost), have shown, network security is more important than ever. With our personal and professional lives revolving around the internet, the stakes have never been higher. Keeping your IT networks secure, thus, should be a top priority for any firm, big or small.
Below, we will look at some fundamental steps you can take to keep your small business IT network secure:
1. Lay out the ground rules
The first step in any IT network security plan is to establish a concrete security plan. This should include a number of ground rules about employee behavior. These rules should determine how employees interact with and use the office network. Some common rules you can implement are:
- Prohibit access of potentially harmful websites (such as torrent hosts).
- Prohibit download of any files from untrusted sources.
- Ensure that employees use only authorized software to open downloads; prohibit employees from installing unauthorized software, if possible.
2. Educate your employees
Setting up network security rules without properly educating your employees is hardly effective. Any comprehensive cyber security plan should include a thorough employee education program. This program should focus on the following key points:
- A general overview of what malware/viruses/spyware is and how it works.
- A thorough guide to interacting with social media, particularly when it comes to accessing third party websites and downloading files.
- Complete training in using common software, including any antivirus/firewall/anti-malware software you may have installed.
3. Identify weak points and crucial data
Not all data is the same; some is more important than others are. Your customers or employee's credit card data, for instance, deserves more scrutiny than the names of their pets. A strong cyber security plan, therefore, most identify crucial data that must be protected at all costs, as well as potential weak points in the network.
Once done, you can use this information to create additional security layers around the crucial data, and plug in the weak points with appropriate solutions.
4. Secure WI-FI networks
It may sound like a no brainer, but most small businesses do not think twice about securing their Wi-Fi networks. This makes them particularly vulnerable to hack attempts. At the very least, you should take the following steps:
- Encrypt your wireless access point (WAP) - Many businesses keep this open, which means anyone can log onto your network and play havoc with your data. Encryption of the wireless access point via a method like WPA2 encryption is a must.
- Hide your wireless network's service set identifier (SSID) - This is the unique name your wireless connection. Ideally, no one should be able to identify your wireless network from its name alone. If you can't hide it, at least change its name to something common. "Connection1", for instance, is far better than "[Insert Business Name] Connection" as it makes it difficult for hackers to identify your connection.
5. Use newer software
A number of businesses continue to use older, insecure web browsers and operating systems. Older software is a security liability and makes your entire network completely open to hack attacks. At the very least, you should consider upgrading the following:
- Operating system
- Web browser
- Adobe Flash
- Adobe Reader
- Any other software you frequently use in your business (QuickBooks, MS Office, Photoshop, etc.)/li>
In addition, it goes without saying that you should install a strong anti-virus/anti-malware software and keep it updated.
6. Create backups regularly
Even if you have foolproof network security, accidents can always happen. This is why it is crucial that you have a solid data backup plan in place. Ideally, you should backup your data every day to an online storage service (like Dropbox.com, Box.com, or Google Drive) as well as physical storage devices (CDs, hard drives, etc.). You should also ensure that the critical data you identified in step no.3 gets top priority when you create backups.
7. Secure physical infrastructure
You may not believe it, but most security breaches actually happen when hackers manage to get physical access to important computers, network components and servers. Securing physical access to equipment, therefore, should be a key consideration in any network security plan.
Some steps you can take include:
- Installing anti-theft software on all employee laptops.
- Making sure that employees protect their computers with at least a password
- Keeping important equipment like servers in secure storage with proper security personnel, surveillance systems, etc.
- Keeping track of portable media such as flash drives, hard drives, etc. as these often get lost/stolen.
When it comes to network security, prevention is always better than cure. This seven-step plan is a good way to improve your IT network security.