You know that computer security is important to your small business. But
do you know exactly what you need to do today to protect your business?
Do you know all of the risks to your business computer system? Do you
know the steps you need to take to protect your business computer system?
We hear reports of computer hackers breaking into business computer
networks to attack or shut-down an Internet site, to disrupt business
operations, or to gain access to confidential information. These
high-tech break-ins are only part of a far broader area of security risks
that your business faces today.
Some high-tech risks require high-tech responses. Others call for more
common-sense measures. A well-considered, disciplined approach to
computer security may be all that you need to significantly reduce the
risks to your computer system.
What does computer security mean? From a business point of view,
computer security simple means that your computer systems will
function and your stored information on your computer system will be
available to you as needed for your business.
Hardware Failure
Precautions can be taken to protect against certain risks such as:
theft, breakage, power surges, voltage fluctuation, outages, and
disasters including fire, flood and other unthinkable catastrophes.
Maintenance agreements provide fast and reliable service in the event
of equipment breakdown.
Extra equipment provides in-house backup for uninterrupted service
until the repairperson arrives. Many firms buy inexpensive mail-in or
carry-in maintenance and maintain extra hardware to swap in as
needed. For example, they keep one backup printer for every five
printers in use and one backup PC for every 20, depending, of course,
on age and reliability of the hardware. Redundant Array of Independent
Disks (RAID)-equipped servers and duplicate or backup servers can add
redundancy and reduce the risk of being shut down by equipment
failure.
The quality of low-cost computer or server "clones" may be significantly
lower than that of brand-name systems. Extremely low-cost systems often
are made with whatever less costly components are available at the
moment. Such components may be inherently less reliable, and the
compatibility of the specific components used may not be rigorously tested.
Regular backups, with at least a weekly copy of the backed-up data kept
off-site are, of course, a necessity and the most effective way to minimize
data loss when inevitable hardware breakdowns occur.
Careful disaster planning is more crucial than ever to assess the risks and
damage of catastrophic system failure and the implementation of
appropriate disaster recovery resources. Full duplicate off-site systems
including servers, data and communications links may be necessary to
assure continuation of service without interruption in the event of
catastrophic disaster. Such redundancy can be farmed-out to a local firm
that specialist in the backup and safe storage of your critical computer
system data. Generally, the expense of full-system redundancy often is
unnecessary for small businesses. For you, as long as none of your stored
data is lost, restoring your system functions within several hours or even
several days may be tolerable.
Software Failure
Application software can malfunction for a number of reasons. Failure of an
application program can occur through an accidental erasure of a
component piece of the program, its location in the wrong subdirectory, or
any of a number of other arcane causes. Contemporary programs arrive in
multiple parts on multiple disks, CD-ROM or downloaded files that get
installed in many directories and subdirectories, as well as altering system
configuration and setup files to serve the application's needs.
The loss or corruption of one small program utility may prevent the entire
program application from operating properly. The change of one parameter
or setting (which easily can happen inadvertently or during the installation
of another piece of software) is enough to disrupt the proper functioning of
an application. The best protection against application software failure is:
~ keep the original program source (disks, CD-ROMs, saved and backed-up
downloaded files) secure off-site (outside of your office)
~ install software from backup copies of the originals, and
use only authorized and registered copies of software applications (so
that the original software application vendor is available for technical
support, replacement of disks, bugs fixes, and software updates).
Network software is notoriously finicky and requires frequent attention.
Someone familiar with the network software either on staff or available on
short notice is essential to troubleshoot and restore the network when it
crashes, slows to a crawl or just doesn't act right. In some situations, loss
of access to application programs, loss of data, or loss of access to data
when the network is down can be minimized by backing up or mirroring
data on a local hard drive or floppy disk and by having key software such as
word processing applications loaded also on local PC hard drives.
Corruption of software by viruses is another growing security risk, which is
best handled by carefully designing procedures to limit unauthorized access
to systems, by discouraging use of unauthorized software and by using
specialized virus protection software. Some offices have systems that
automatically bar any new software from being loaded even onto an
individual PC on the network. Others automatically scan all new software for
viruses. Anti-virus software must be updated continually to enable it to
identify new viruses that are constantly being created and spread.
Automatic update features are available for the major anti-virus software
programs and should be implemented.
A particular problem is software that is acquired electronically, such as from
the Internet, whether public domain software or unauthorized copies of
programs. Seemingly minor items such as games, utilities, screen savers or
macros of unknown origin and provenance may put you at serious risk of
contracting a virus. Email attachments are a frequent source of infected
code. You need to be attentive to suspect email sent to you. Always pay
attention to what you are loading or downloading onto your computer.
Through the introduction of a computer viruses, your software programs
and if not your entire computer network may be unusable by the simple
installation of unauthorized software application on your computer system.
Make sure your staff understands the importance of your policy of banning
the installation of unauthorized software. Then periodic "sweep" your
computers to insure that your staff is helping you protect your computer
investment.
These simple steps may result in big dividends to the continued operation of
your small business.
Copyright Steven Presar
About the Author
Steven Presar is a recognized small business technology coach, Internet publisher, author, speaker, and trainer. He provides personal, home, and computer security solutions at
www.ProtectionConnect.com. He provides business software reviews at
www.OnlineSoftwareGuide.com. In addition, he publishes articles for starting and running a small business at
www.Agora-Business-Center.com. Be sure to sign-up for the SOHO newsletter at the site.
