Ensuring the Security of Your Information and IT Assets
In an increasingly digital world, your personal identifiable information, financial information and business data are valuable on the open market. Your IT assets are valuable to thieves for resale, employees for personal usage and hackers and the competition for the information they contain.
Your ability to do business online depends on the trust the customers put in your servers to protect their payment information from hackers. You must take steps to improve the security of your data and your IT assets.
These tips can help private individuals and small businesses protect their information and IT assets.
Software Application Security
- Password protect sensitive computer applications. For example, use a password to access financial software on your computer like Quicken or PeachTree. If a thief steals your computer or a snoop is able to log onto the machine, your financial information is still secure. For additional security, do not use the same password for your computer applications and computer login.
- If you use an online calendar application, password protect it. Do not make your personal calendar visible to everyone. Potential thieves will know when you are not home.
- Password protect your online and hard drive backups. Password protecting your computer does little good if the backup files are freely available.
- Evaluate whether or not you actually want to use peer-to-peer sharing software. Downloading songs and videos for free seems convenient though illegal, but you also risk hackers gaining access to your personal files through the same P2P software. Your IT department should outright prohibit the usage of peer to peer software on corporate networks and then review the software installed on all systems to enforce this restriction.
- Log off your computer when you are done. This prevents a casual visitor or curious teenager from walking up to your computer and viewing your internet search history, email accounts or chat history. Companies can enforce IT security by forcing everyone to log off over the weekend or company holidays. Telecommuters could be disconnected from the network for additional security.
Your IT assets are valuable to thieves for resale, employees for personal usage and hackers and the competition for the information they contain. Here are suggestions to protect them from theft or simple misuse.
- Change the default password on your wi-fi and router, even if service does not extend outside of your home. For example, in June, 2012, an Evansville, Indiana SWAT team raided the home of a grandmother because an Internet troll's posts were tracked to her IP address. Whether it was a friend of her grandchildren using her internet connection, a neighbor trolling the internet while connected to the Net via her router or a hacker spoofing her IP address, a lack of IT security can land you in law enforcement's cross-hairs. This is all the more important for employees who work from home.
- Limit the use of web-cams by coworkers at home for business purposes only. If an employee does use a webcam, ensure that their children turn off a webcam used for chatting so that others do not see them asleep or changing clothes.
- Limit the use of web cameras in the workplace to areas that do not contain sensitive corporate discussions.
- Prohibit employees from answering their cell phones during sensitive company meetings. If you do not want the competition to hear the information, your employees cannot answer the call within earshot of the discussion.
- Turn off the computer when you will be away for a long period of time. Hackers cannot access a deactivated device.
- For small businesses, keep a backup of your most valuable files such as your financial software data on a thumb drive and keep it in your safe, a fireproof box or safe deposit box. For large businesses, back up data locally as well as with a secure cloud computing firm.
- Require security personnel to review the authorization of anyone trying to take IT assets out of the building, be they laptops or servers.
Additional Security Tips
- Do not let employees put pictures of themselves in work uniforms or containing pictures of workplace badges up on the internet. This makes it easy for someone else to capture the image and print out a duplicate badge.
- For additional security, prohibit employees from carrying camera phones into secure areas.
- Perform periodic audits of IT assets so that you can quickly discover when valuable items like Blackberries or laptops go missing.
- Keep unused IT assets in secure areas, not just a corner of a warehouse or in a hallway.