How To Keep Your Business IT System Secure – Part II

Yesterday we introduced four ways to keep your business IT system secure from Reuters and Entreprenuer.com: password protect your systems, design systems that are safe from abuse, conduct pre-employment screening and background checks, and continually train your employees. Today we discuss the last five ways to ward off unwelcome IT problems.

Avoid Email Attachments from Unknown Senders

This again is a training issue and is something that your IT Manager should ensure that every employee is aware of. If you receive an email with an attachment from someone outside of the organization that you do not know, never click on the attachment. And the same can be said for any URLs sent to you from unknown sources in an email. Too often these emails contain deadly viruses or Trojans that are extremely hard to remove once they infect your network.

Watch Out for Phishing Attempts

News reports abound today about innocent-looking emails from sources that look legitimate but in reality are phishing attacks. Some of these scams look so realistic that it is nearly impossible to tell them apart from legitimate emails. Most phishing attempts are targeted using your bank or another trusted company to trick you into providing sensitive information such as passwords, bank account numbers, credit card numbers, social security numbers and related data. However, your bank will rarely contact you via email and ask you to provide sensitive information like this. If you are solicited via email, contact the organization directly and determine if the email is from them. If it is not, report the situation to your bank or whoever’s name is being used improperly so that they are aware of it

Use Updated Anti-Virus Software

Again, this idea seems like a no-brainer but we are amazed at how many middle-market business owners have out of date anti-virus software or, worse yet, rarely use it to clean their systems. This once again goes back to creating IT procedures and then ensuring that they are followed. Anti-virus software should regularly be updated (most programs do this automatically now) and the software should be scheduled to run at least once a week. Too many employees disable the virus scan because it slows their computers down. This should not be allowed. If your policy is that every Wednesday at noon the anti-virus software on all your PCs runs, then employees must also follow that schedule and allow it to run!

Be Wary of the Cloud

Cloud computing is all the rage right now. By going to the Cloud, you are storing your company’s data on a third party site, which saves you the cost associated with maintaining your own servers. However, keep in mind that any sensitive information that you store on servers operated by outside companies (no matter how big they are) opens you up to any security deficiencies that they may have.

Realize, too, that cloud computing provides hackers with a target that is even more attractive than your servers alone (i.e., access to millions of pieces of data in one shot). With cloud computing in its early stages and many security issues still being worked out, it is advisable to keep sensitive information on your own servers and simply follow your security procedures to ensure their safety.

Always Assume the Worse

Cyber issues are a growing threat to our society. Laws regarding the punishment for these attacks are still being legislated. There are simply far more criminals out there committing cyber crimes than enough law enforcement personnel to really address the issue. It is far better to be paranoid and make sure your systems are secure than to assume that just because you haven’t been attacked that you won’t be a victim. Most of you have at least one ex-employee who has an axe to grind and would love to impact your operations—so be hyper vigilant.

Helping Your Company Be Buyer Ready

These are just a few ideas to help you not only prevent attacks but also prepare yourself for buyers’ due diligence in this area. More and more buyers are closely examining their targets’ IT policies and procedures. Years ago the concern was simply data integration, i.e., how long and painful will it be to migrate the target software and systems to the acquirers’ network? Now buyers need to have a comfort level that when they buy your company, they aren’t getting an IT system that is riddled with security breaches and filled with viruses.

For more information on building a buyer ready business, please click here and download our free whitepaper on this topic.

© 2011 Generational Equity, LLC All Rights Reserved 

About Carl Doerksen

Carl Doerksen is the Director of Corporate Development at Generational Equity.

Speak Your Mind

*