Protecting Your Data: Hacker Attacks are Getting More Clever by the Minute
By Kevin Wade, President/CEO, IntellisSystems
With so many access points from cell phones to laptop and home computers, how can anyone hope to keep their network safe from hackers, viruses and other unintentional security breaches?
The answer is not “one thing” but a series of things you have to implement and constantly be vigilant about, such as installing and constantly updating your firewall, antivirus, spam-filtering software and backups. It’s a full-time job for someone with specific expertise.
Want to know what every hacker hopes you believe? “We’re small…nobody wants to hack us.”
This is the No. 1 reason why companies get hacked. They dismiss the importance of IT security because they’re only a “small business.”
If you aren’t giving IT security the attention it deserves, how do you think your clients would feel about that? If for no other reason, you need to do it to protect your clients’ data, even if the only stored information is their e-mail address. If your system gets compromised, hackers will now have access to your client’s e-mail addresses and can use that for phishing scams and virus-laden spam.
I’m sure your clients want you to be a good steward of their information and privacy, so stop lying to yourself and get serious about putting essential security practices in place.
The No. 1 threat to your security is…you! And your employees. We are our own worst enemies through the seemingly innocent actions taken every day online. In most cases, this is done without malicious intent – but if you as a manager or owner aren’t monitoring what web sites your employees are visiting, what files they’re sending and receiving, and even what they’re sending in company e-mail, you could be opening yourself up to a world of hurt.
One thing you can (and should) do is configure your firewall to document and monitor which web sites users are visiting. Almost all enterprise-level firewalls have this ability built in; you simply need to configure it and monitor the reports (something we can certainly help you with).
Once that basic foundation is in place, the next most important thing you can do is create an Acceptable Use Policy (AUP) and train your employees on how to use company devices and other security protocols, such as never accessing company e-mail, data or applications with unprotected home PCs and other devices. Also, train them how to create good passwords, how to recognize a phishing e-mail, what web sites to never access and other simple security tips.
Never assume your employees know everything they need to know about IT security. Threats are ever-evolving and attacks are getting more sophisticated and clever by the minute.
It’s up to you to set the rules, write it into an AUP, train employees on what is and isn’t acceptable and then get them to sign the AUP.
Kevin Wade is President and CEO of IntelliSystems, a local IT management and telecommunication company with offices in Augusta, Aiken, and Columbia. In addition to meeting the technology needs of small and medium-sized companies, including sourcing computer and networking hardware and software, providing day-to-day IT support, installing cabling and wireless network systems, and design and installation of telephone systems, IntelliSystems works to help medical practices reach and maintain HIPAA compliance. He can be reached at 706-722-2024 or by emailing him at firstname.lastname@example.org.