A lot of business people talk about IT security. However, I find that a lot of executives do not really know where their business stands on it.
The reality is that your network is never 100% secure, but you should always be working to improve it. With cloud computing and more business activity moving online, security is as much a business issue as an IT issue.
No matter the size of your security budget, you should understand your security risks and how they can impact your business. Here are some basic questions you should be asking:
1) What are our current security measures?
Understand what security measures and processes are already in place. Some good questions to ask are:
- Do we have a firewall?
- Is our wireless network secured?
- Are patches and updates being applied regularly (e.g. monthly) to our servers and computers?
- Are antivirus updates being applied daily (and no users have disabled antivirus for convenience)?
2) Are our laptops encrypted?
Laptops increase mobility... and security risks. Stolen laptops are a common way thieves get access to company data. Simple password protection is not enough to stop sophisticated thieves. If your laptops have company or client data on them, they should be encrypted. Encryptions provides additional security so that the only way to access laptop data is with the appropriate password.
3) Who is training our users?
A number of studies have shown that users pose the greatest security risk in most companies. Cybercriminals have a multitude of ways to trick users. Regularly training about security best practices, and why they matter, can dramatically improve security. For example, users should use the phone and not email for communications about transferring funds and making payments, because cybercriminals often spoof messages to look like the email is from someone you know.
Answering and taking action on these three basic questions can significantly increase your company’s IT security.
Taking the Next Step on IT Security
Even with good information, IT security can be overwhelming. If you would like guidance and help on implementing best practices, we would be glad to help. Skyriver IT makes implementing and staying current on IT best practices easy.
If you would like to discuss how we can help you improve your IT security, please contact us.