Hi everyone, welcome to the March 2017 newsletter.
This month I want to have a look at the physical security of your business's data, which includes all the information about clients you have gathered, the documents and spreadsheets created, and work both completed and in progress. As a business owner or manager, you can optimise every area of your business to prevent infection and exploitation from Malware with the latest anti-malware and Intrusion Prevention Systems, perform regular backups and educate your staff, but how secure is the data on your computers and the physical paper folders sitting on your shelf or in a filing cabinet? How secure are the backups you have created?
So here's a few tips on helping to make your business data more secure:
Lock up sensitive documents
Seems obvious, but one Sunday afternoon, while walking along a business street in a town, I happened to look into the window of a closed business. There was the usual front desk with computer and miscellaneous items, but on the shelf behind the desk were neatly positioned folders, each with big clear labels indicating that they contained financial and sales information. A quick pick of the locks and a thief would have an arm full of sensitive information.
So, at the end of the day, or if you close for lunch or go out to meet clients, think about what paper documents you have laying around the office. Do you lock them in a filing cabinet and leave the key in the lock? Do you just slip them into the desk draw so they're out of sight? Do you rely on the physical security of the building to protect your important and sensitive data?
Laptop & mobile devices
Do you use a mobile device (e.g. laptop, notepad, surface pro etc) within your business? If it's not with you then how secure is it? Does your business place mobile devices that are not in use, in a secure cabinet or drawer,which can be locked? Do you or your staff leave mobile devices sitting in plain sight in your vehicles? Maybe in the boot would be better, if they're not being used. What about business trips and over nights in motels? Don't rely on the room lock to protect your device, take it with you.
If you are like most business people, the mobile phone has become essential in doing business. It contains contact information, photographs, diaries, spreadsheets, documents, and even links to cloud storage etc. as well as being a phone and video conferencing tool. We are generally fairly conscious of not leaving our phone laying around somewhere, but keeping it on us or with us at all times. But sometimes people forget or do stupid things, and the phone is stolen. Make it hard for the crook to break into the phone with a good pin number, a specific unlock swipe and ideally a biometric lock (finger print or eye scan etc.) Also make certain that you can remotely scrub your phone of all data if it is stolen, it's not hard to set up, and will give you peace of mind that the crook won't have access to sensitive information.
I won't go into the different ways of backing up your computers, that's for another time, but I would like to remind you of the importance of securing your backups. If you use the cloud for backing up then well and good, but you may want to also have a physical backup in case the big cloud company goes bankrupt or decides to close the doors on your stuff and you can't get to it. Backing up to an external hard drive in the office is good, but two things to remember: if a virus gets into your business network and the external drive is still connected to the computer, it will be also infected and even encrypted if it's ransomeware; secondly, if the building burns down then the backups are gone too. If you prefer not to use the Cloud, then at least weekly make a copy of the backup and have it stored off-site somewhere. Just a side note: check occasionally to make sure the backups are actually going where they're supposed to, and that the backup schedule wasn't turned off two years ago!
Well, that's all for this month on securing your business and home computer networks. If you have any questions, just send me an email.
Until next time, stay secure