Oct, Tue 6th, 2009 Posted in : Business Process, FUD-busting, Virus and Malware By : 0 Comments

I came across a pretty good article this last week, which  bears expanding upon at least a little bit. It’s from the Globe And Mail, and goes into a study done this year on computer security, breaches, and their cost and effect on business.

The short version is that these types of breaches can cripple, or even kill, your business. So why do they keep happening?

Well, one reason they happen, as the article points out, is the lack of well trained and experienced staff. Many IT companies and departments rely on “what has worked before” when building computer systems. Technology is a moving target, a rapidly changing field. If the technology changes, then the methods should change with it.

Another reason is that with the changing technology, the vulnerabilities also change. And it’s very difficult to stay on top of them all, especially for small and medium businesses. The trouble is that most smaller shops don’t have someone who understands the nature of many of these vulnerabilities. They may have a decent grasp on the fundamentals of computers, and serve as the local “go-to” person, but they can explain what a stateful packet filter is?

There are a few ways around this whole problem. First and foremost, make sure your computers are patched and updated regularly. Windows updates are important, and they’re there for a reason. Is your computer up to date with patches? Are you sure? Go check. Now. I’ll wait…..

And what about your other network gear? Is it up to date as well? What about your Internet router? Your mobile phone? Your corporate firewall, if you even have one? This is where the advantage of working with professionals comes into play. Your IT shop should know about how to do these things, and should also understand the benefit.

The other aspect covered by the article covers theft by employees. At the very bare minimum, you should have a clear and decisive IT policy in place. Ideally, you’ll have a combination of removable-device blocking (software that blocks your USB key) and a deep-inspection device running on your network, to ensure that your information doesn’t just get emailed to someones personal email account.

The latter can be overkill for many small businesses, and sometimes prohibitively expensive. However the former is well attainable; many anti-virus products also contain the functionality of disabling USB keys. Maybe this can be a good starting point for you?

The next piece of the puzzle is to have good network security. if staff can only get to certain information in the first place, then there’s only so much they can pilfer, isn’t there? A well designed network can provide the functionality you need, and the security and peace of mind that you crave.

Of course, every situation is different, and every company’s needs are unique. So talk to your IT support people to find out what the right choice is for your organization. And remember to keep your information in check.

(C) 2011 CPG Systems Inc. All rights reserved.