So, we’re finally here. 2016 is winding down and so too, it seems, are the majority of your workforce. As we head towards the holiday season, most of us are perhaps thinking more about where we’ll be eating Christmas lunch than whether or not our IT security is up to scratch.
Yet despite the relaxed, foot-off-the-breaks ambiance that permeates most workplaces during the final few days of December, now is actually the perfect time to start taking stock of your security practices, of the technology in place, and of whatever contingency plans you may have in place in case of emergency.
Below, Pacific Infotech’s business IT support specialists provide you with your complete security checklist to guarantee you a safe and successful 2017.
1: Access and Use Policies
Let’s start with the basics, shall we? As we’ll discuss throughout today’s post, most security errors within businesses aren’t actually caused by malicious outside attacks, but rather by simple human error.
Your company’s IT use policies serve as the first line of defence against those errors by outlining exactly what your workforce can -and can’t- do with your systems.
Yes, mistakes may still slip through the cracks, but by at least holding users accountable for their usage and making the terms of that usage clear, we eliminate ignorance of fact as a cause of those mistakes.
As you head into the New Year, now is a good time to ask the following questions about your business IT policies:
- Are they clear and easy to understand?
- Do they cover any new technology or software that has been brought into your organisation?
- Do they sufficiently reflect current ways of working within your business?
If changes need to be made, it’s essential that you notify your users of these changes -perhaps via your business intranet- and ensure that all users agree to the revised policies before accessing your network.
2: End Users
Again, the biggest causes of security problems within businesses actually come from internal users, so it’s important as part of your company’s IT checklist to ensure that users are well trained on any new technology you’ve invested in, that your password policy is effective, and that users access rights are reviewed when they change roles within the company.
Questions you should be asking are:
Are users required to change passwords every 90 days (or more frequently)?
- Are passwords required to be composed of at least eight alphanumeric characters?
- Are all users trained on any new technology they need to use?
- Are training methods / documentation clear and up-to-date?
- Are access rights all set at the appropriate levels?
3: WiFi and Internet Access
In today’s constantly connected climate, internet security should always be of paramount importance.
Yet you may be surprised just how frequently our business IT support team are called out to problems which could have been prevented with adequate firewalls, VPN (Virtual Private Network) security and secured wireless access connections.
Particularly important for hotels and other businesses accessed by members of the public, is the need to ensure that guests don’t have access to the same network as that used by your employees to drive your mission-critical applications.
Questions to ask as part of your business IT security checklist include:
- Is the Guest WiFi network separate from the corporate network
- Is web content filtering in place, is it set at an appropriate level, and does it need updating?
- Are firewalls and intrusion detection in place for all web connections?
- Is a secure VPN in place for remote access?
4: Desktop Machines
For most businesses, desktop computers are going to be a key component of your company’s IT infrastructure, serving as the means through which the majority of users access your network, applications, and vital data.
With that in mind, it’s essential that your desktop security is fully up-to-date and equipped to handle the ever-changing nature of the tasks and processes users carry out through both Windows and Apple computers.
Questions to ask here include:
- Is up-to-date anti-virus software running on every machine in my business?
- Are all machines updated with the latest patches and system updates?
- Are only authorized personnel able to download and install new software?
- Are users able to bring their own portable storage devices to use on your machines?
- If so, how are they monitored/checked for viruses?
5: Data Backup and Disaster Recovery
With all the above questions answered satisfactorily, you’ll have no doubt enhanced your business IT security and significantly reduced the number of risks your system faces.
Yet that’s not to say that things can’t still go wrong, and, when they do, it’s vital that your business is well prepared for all eventualities. Should a security threat occur, the long-term success of your business depends on you knowing that your invaluable customer data is well protected, and that you can get those mission-critical applications back up and running quickly, thus minimizing downtime.
To do that, you’re going to need a solid business continuity strategy in place, and adhere to stringent protocols regarding data backup. Some questions you should be asking include:
Is all critical data backed up on a daily basis to a secure, remote location?
- Is all important -but non-critical- data backed up to secure, remote server on a regular (though not necessarily daily) basis?)
- What Data Loss Prevention (DLP) tools are in place, and are they up to date?
- How will your business return to an operational state in the result of a security breach, data theft, or other serious issue?
Revisit Your Business IT Security Checklist Regularly
Whilst now may be a good time to go through your IT security checklist in readiness for 2017, this isn’t the kind of thing you can do once and then forget about. To keep your company, your data, and, more importantly, your customers, safe and secure, it pays to go through your checklist regularly, at least once every six months.
Should you go through this checklist and find that you’re missing certain essentials, such as firewalls, a secure, remote data backup solution, or solid anti-virus software for your desktop machines, then business IT support specialists at Pacific Infotech can help.
For a free consultation or to discuss your IT security requirements, contact us online, or call now on 020 313 76707. On behalf of our entire team, Pacific Infotech would like to wish all of our customers past and present a very safe, secure, and successful New Year.