By Tim Torian, Torian Group, Inc.
Security - Best practices and Resources
Computer security is Everyone's concern. Malicious software is now big business, and is primarily aimed at:
- Get access to your identity, and your bank accounts.
- Gain control of your computer and resell it for spamming, network attacks, or other criminal activities.
- Plant malicious software on your web site, to enable drive-by infection of web visitors.
- Install a properly configured firewall. Better yet, have a firewall that logs outgoing traffic and warns you of anything unusual.
- Have current Anti-malware (Anti-Virus / Anti-Spyware) software. Make sure it is updated annually to the new release. This process is not automatic, even if you renew your subscription.
- Keep your software current by installing patches.
- Use a password manager, such as lastpass.com. Do not use the same password on multiple web accounts, and do not keep a password list on your computer. Use complex passwords, at least 10 characters long. A password under 6 characters can now be broken in minutes.
- Protect your laptop from theft. If it is stolen, everything on it is compromised, even if it is password protected. This is the number one cause of loss of sensitive data. About 25% of theft is from offices.
- If you use wireless, use WPA2 security with a long passphrase. Older wireless routers are open by default, meaning anyone can connect to your network.
Have a Computer use policy as part of your employee handbook, and enforce it. Ask Torian Group for an example policy you can adapt to your needs.
Change passwords the minute you let someone know they have been let go - do not wait.
Watch (or have watched) your server and network logs. Most network breaches take place over a period of time, and are associated with unusual activity - multiple failed logins, sudden disappearance of log activity, or excessive log activity.
Make sure you are compliant with applicable laws: Red Flag and PCI, E-Discovery, HIPAA, etc.
Information on Cyber-Security from the US Government:
As you investigate IT security, you will discover that there are well established best practices for IT management which provide a foundation for good security. Here are some starting points:
- Provides best practices and training for security professionals
One of Torian Group’s experienced, Microsoft Certified Professionals will conduct a free security audit of your Visalia area company’s network. The assessment will include a review of your network structure, servers, firewall, antivirus, patch management, and user settings. For more information call us at (559) 733-1940 or email email@example.com
Tim Torian has taught computer networking at the College of Sequoias and Cal Poly Extension. He has a BS in Computer Science, and has been consulting on computer networking for the past 30 Years. His industry certifications include: Cisco CCNA and CCNI, Microsoft MCSE. He was recognized as Entrepreneur of the year for 2008 by the Tulare County EDC. He is president of Torian Group, Inc. which provides a full range of Technology Consulting services to local business, including computer services, networking, web and custom software development. www.toriangroup.com