Thursday, March 19, 2015

Simple Cyber-security Practices

Cyber-security has been a topical issue of late in the wake of headline-grabbing incidents, like the Sony hack, the theft of compromising photos of celebrities from an online cloud (“celebgate”), and the revelation of a security vulnerability dubbed “heartbleed”. Unfortunately, as technology becomes increasingly sophisticated, so do the techniques used by tech-savvy miscreants to infiltrate computer systems. Further, in this era of Big Data, the amount of sensitive information potentially vulnerable to criminal activity is vaster than ever before.

Few (if any) computer systems can claim to be the digital equivalent of Fort Knox. But there are some simple steps you can and should take to help improve the safety of your data.

  Keep software up to date, including anti-virus applications.

Out-of-date web browsers are susceptible to cyber-infiltration, malware, and viruses, as are machines that don’t have the latest anti-virus software installed. Do a bit of research, and invest in security software from a reputable company with a solid track record.

  Create backup copies of everything that’s important.

Even ostensibly reliable computers can sometimes crash or malfunction, causing you to lose access to information stored on the hard drive. Pay particular attention to financial and human resources documents (including credit card information and social security numbers), records of transactions and accounts receivable/payable, databases and spreadsheets, and any other files you feel might cause a major headache if it ever went missing. Store these essentials either in a secure cloud, or offsite.

  Set up an internet firewall.

Many computer operating systems have a firewall pre-installed, and you’ll simply need to enable it; alternatively, free firewall software can be downloaded from the internet. Again, make sure the software you use comes from a reputable source.

  Control physical access to computers.

 Set up passwords for each machine, and request that each employee create a unique user name and entry code. Aim to change passwords every few months and in the event of employee turnover. Safely stow and lock up laptops that aren’t being used.

  Secure your wi-fi network.

Your wireless network should have a unique password that’s at least 10 to 15 digits in length, containing upper-case and lower-case letters and numbers. Try to make it not only exceedingly difficult for a person to guess, but inordinately time-consuming for a password-cracking program to break.

  Use extra caution with payment-processing.

When setting up a payment-processing arrangement with a bank or financial institution, ask about the latest security and anti-fraud measures and best practices. Try to isolate your payment system, and avoid using the same computer to handle financial transactions and browse the internet.

  Leave software installation to people you trust, or do it yourself.

Many computer operating systems are outfitted to require password authorization  from a system administrator in order to install new software. Make sure this feature is enabled, so that employees (and unauthorized computer users!) cannot install software without your approval.

  Read up on cyber-security.

With the pace of technological advancement occurring in our world today, experts occasionally stumble upon previously undiscovered vulnerabilities, and new programs that can thwart even the most sophisticated network security systems. Although not everyone can or should aspire to become a cyber-security connoisseur, it is in your interest to keep reasonably abreast of the latest developments in that area.

The U.S. Federal Communications Commission (FCC) has a page dedicated to cyber security for small businesses, including advice and resources. More useful information is available here, via a campaign called Stop.Think.Connect.