by Nathan Whittacre via Nevada Business Magazine
http://www.nevadabusiness.com/2012/06/smart-secure-simple-computing/
Security concerns and procedures are an important part of running any business. Even in a small company with 5 employees or less, being aware of where data is being stored, who can access it and how to take the first steps to protect it, is something all business owners and executives should know.
In today’s fast changing technology environment, staying on top of technology means surviving. It is important to understand that security is not just a technology issue but also a people issue. Recent and recurring news stories show that multi-million dollar corporations get their databases hacked and their customer information stolen. How can we avoid being at risk? Start by protecting intellectual assets, training staff and keeping up to date with technology.
Set-up company technology policies and procedures
Businesses store lots of data in computers, such as accounting information, customer’s contracts, operations and business procedures and sensitive employee data. It is the company’s responsibility to keep it safe and secure from third party vendors, competitors and employees.
Take the time to create confidentiality and non-disclosure agreements, train staff on safe computing, such as Computer, Network and Mobile devices security, HR security management and protection, and more.
For third party vendors, like accountants, IT professionals or attorneys, make sure to have non-disclosure agreements with them and also make sure that vendors are protecting the company’s data as well.
Practice smart social media
A big part of marketing is having and constantly using the company’s social media profiles. Many businesses hire or create a new position for this specific task. Protect the company by creating a good practice policy to avoid posting negative comments about the company or customers. Social media can be used to increase business to client communications by sharing professional and relevant articles or comments, quick replies to complaints, greetings or requests. Always review and approve the content that will be posted on the company’s behalf.
Read the fine print
With so many online and cloud services choices, most people just look at the features and prices, but it is important to read the fine print. To make sure information is kept private and the company is protected, read the terms and conditions keeping an open eye for phrases such as: Information will be public or posted on search results; by downloading this application you will be subscribed to our affiliate’s newsletters or data won’t be available for download after subscriptions are cancelled, etc.
If using a cloud based service, download data periodically and store it off the cloud as another security precaution.
An example of a cloud based service that many businesses are using is Intuit, the company offers QuickBooks Online for businesses. They store and back up their customer data, which is available for download after a number of days even if the business cancels the monthly subscription or stops using the service.
Protect online accounts
Use different password variations in online accounts to increase security. Some other ways to protect passwords is by using redundant account verification, tools like Google Authenticator, or simply putting a phone number or secondary recovery email on the account. These steps can make a big difference on protection.
Update computers, networks, software and phones
Computer programs, apps and operating systems are constantly improved based on customer feedback and security enhancements. When purchasing any one of them the company receives automatic updates that will make devices work well and stay protected. Make sure all applications are to the latest version, especially Windows and Mac security updates, anti-virus and anti-malware protection. It is also a best practice to have a third party review applications to make sure they are up to date.
Network Security
Many devices today require wireless access points, make sure to have strong passcode authentication, such as WPA2, and don’t give out the wireless password to guests. Supply a guest wireless access point separate from the company’s network and make sure it is also securely protected.
