5 Simple Steps to Improve Your SMB Computer Security

by becki on July 30, 2011

In the first three articles in the SMB Security series, I discussed some reasons why you should take computer security seriously.

[Figure: graph of hacks by business size]

In the next series of articles, I’ll discuss steps you can take right now to reduce the likelihood of suffering a data breach or loss. Help make your business more resilient and less attractive to computer thieves by implementing these basic steps. These are the same things larger companies do to protect their businesses.

And don’t think that just because you are small you are safe. The graph to the left indicates that small businesses are being targeted at a much higher rate than larger businesses. Hackers are now targeting the little guy because they know small businesses are less secure than big businesses, and you have information worth stealing.

 

5 Simple Steps to Improve Your Computer Security

 

  1. Back up your data
  2. Patch your operating system and your applications
  3. Use individual logins and passwords
  4. Encrypt your wireless network
  5. Protect remote access
  6. BONUS: Shred printed documents that have sensitive customer or business data

Back Up Your Data

How long can you stay in business if you lost your customer data, contracts, or financial information? How much time would you have to spend to try to recover that data? Can you afford that cost?

Do you have paper copies? Are they in the same building as your computers? What happens if there is a fire, flood or burglary?

  • Keep a copy of your critical data offsite; far enough away that the same disaster cannot wipe out both copies.
  • Make a backup as often as needed. How much data are you comfortable losing? One day? A week? The answer is up to you, but you’ll need to make backups on a regular basis.
  • Verify that things are working as you expect. Test your backups by trying to restore or build from your backups. Do this at least once a year.
  • Consider using a service like Iron Mountain. They’ll help you get started and help you if you have to recover your data.
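
One way to run the restore test from the list above: restore the backup to a scratch folder, then compare it file by file against the live data. This is an added example, not part of the original article; the function names and the two-folder layout are assumptions.

```python
import hashlib
import os


def build_manifest(root):
    """Map each file's path (relative to root) to its SHA-256 digest."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                # Read in chunks so large files do not exhaust memory.
                for chunk in iter(lambda: fh.read(1 << 20), b""):
                    digest.update(chunk)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            manifest[rel] = digest.hexdigest()
    return manifest


def compare_restore(source_root, restored_root):
    """Compare a test restore against the live data it should match."""
    src = build_manifest(source_root)
    dst = build_manifest(restored_root)
    report = {
        # In the live data but absent from the restore: not being backed up.
        "missing": sorted(set(src) - set(dst)),
        # Only in the restore: deleted or renamed since the backup ran.
        "extra": sorted(set(dst) - set(src)),
        # Same path, different content: edited since the backup, or corrupted.
        "changed": sorted(p for p in src.keys() & dst.keys() if src[p] != dst[p]),
    }
    report["ok"] = not (report["missing"] or report["changed"])
    return report


if __name__ == "__main__":
    import sys
    result = compare_restore(sys.argv[1], sys.argv[2])
    for kind in ("missing", "changed", "extra"):
        for path in result[kind]:
            print(f"{kind.upper():8} {path}")
    print("Restore verified" if result["ok"] else "Restore does NOT match source")
    sys.exit(0 if result["ok"] else 1)
```

Run it right after a backup completes so that files edited in the meantime do not show up as changed.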

Patch Operating Systems and Applications

One way hackers steal information stored on computers is through known flaws in software. You can think of these flaws like open windows to your car or home; most people won’t take advantage, but some will.

  • Set your operating system (Windows, Mac, Linux) to automatically check for patches. Make sure to back up your critical data before patching.
  • Set your applications to automatically check for updates. Common applications are: Adobe Acrobat, MS Office, Outlook
  • Set your browser software to automatically check for updates. (Internet Explorer, Firefox, Safari, Chrome)
  • Do you have a website? You need to patch and back that up too.

Use Individual Logins and Passwords

  • Make a login and require a password for everyone who uses a computer
  • Do not give any user administrator rights
  • Make an administrator account that is used for administrative work only. Do not share this account – make more if needed
  • Delete any group login accounts
  • Require strong passwords, but don’t go crazy. People will write down their passwords if you get too strict.
  • Tips for creating a strong password

Encrypt Your Wireless Network

One of the largest and most expensive data breaches in history took advantage of weak wireless encryption. It is one of the easiest ways for computer criminals to steal your data.

  • Set your wireless access points and clients to use WPA-2 encryption.
  • Do not use WEP – it is too easy to break the encryption
  • I strongly recommend that you make the investment in new equipment if yours is too old to support WPA-2
  • Use RADIUS if you have it; if not, use a strong passphrase if you are going to use WPA-2 Personal
  • See instructions for your operating system and access points for details on how to set this up. There is a lot of information on the Internet.

Protect Remote Access

  • Decide if you really need to allow anyone to access your computers from outside the office
  • Disable remote access if not needed
  • Use the firewall settings on your computers to block remote access for file sharing
  • Require a VPN if you are going to allow remote access. This limits who has access to your computers and encrypts the connection making it difficult to eavesdrop on your communications.
  • This step is more technical than some of you might feel comfortable tackling, so seek help from a security or computer network professional. This is a very important step, so don’t skip it.
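
To see what a computer currently offers for remote access before deciding what to disable or block, the output of `netstat -an` can be checked for file-sharing and remote-login services listening on a non-loopback address. This is an added example, not part of the original article; the port list, the function name and the sample output are constructed for illustration, and only the Windows and Linux `netstat -an` layouts are handled.

```python
import re

# Well-known ports for file sharing and remote login services.
REMOTE_ACCESS_PORTS = {
    22: "SSH", 23: "Telnet", 139: "NetBIOS file sharing",
    445: "SMB file sharing", 3389: "Remote Desktop", 5900: "VNC",
}
# Addresses only this computer can reach: 127.x.x.x, ::1, localhost.
LOOPBACK = re.compile(r"^(127\.|\[?::1\]?$|localhost$)")


def exposed_listeners(netstat_text):
    """Return sorted (port, service, address) tuples for remote-access
    services listening on an address other machines can reach."""
    found = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if not fields or not fields[0].lower().startswith("tcp"):
            continue  # skip headers, UDP and Unix-socket lines
        if not any(f.upper().startswith("LISTEN") for f in fields):
            continue  # skip established connections
        # The local address is the first "host:port" field on the line.
        local = next((f for f in fields[1:] if ":" in f), None)
        if local is None:
            continue
        host, _, port = local.rpartition(":")
        if not port.isdigit():
            continue
        if int(port) in REMOTE_ACCESS_PORTS and not LOOPBACK.match(host):
            found.add((int(port), REMOTE_ACCESS_PORTS[int(port)], host))
    return sorted(found)


# Constructed sample mixing Windows and Linux "netstat -an" lines.
SAMPLE = """\
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5900         0.0.0.0:0              LISTENING
  TCP    192.168.1.20:49712     203.0.113.9:443        ESTABLISHED
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp6       0      0 ::1:631                 :::*                    LISTEN
"""

if __name__ == "__main__":
    for port, service, address in exposed_listeners(SAMPLE):
        print(f"{service} is listening on {address}:{port}")
```

A service listed here is a candidate for disabling or firewalling; whether it is actually reachable from outside the office still depends on the firewall and router in front of it.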

Shred Printed Documents

A couple years ago I went to a mortgage company to inquire about a loan, and I saw stacks and stacks of documents in the office, but not a single shredder or shredder bin. It made me very nervous about doing business with them. I suspected that all of those documents with personal and financial data would one day end up in the dumpster.

What information are you throwing in the trash? Anything with Personally Identifiable Information (PII)? Bank or credit card account information? Job applications? Customer contact information? Do you know you are responsible for protecting this data?

  • Get a shredder if you have a few documents to shred
  • Get a shredder service if you have a larger volume of documents to shred. Some will shred onsite in your parking lot, some will take the documents back to their office and shred there. Know how the service will handle the documents before you hire them.
  • Make sure the shredder bin remains locked to protect the data from visitors or employees

Wrap Up

I hope this article helped you understand a few basic steps that will help you make your business more secure and less attractive to computer thieves. Most of these you can do on your own, but please seek assistance from a security or IT pro if you need help.

This is a start. There are many more things you can do, but it’s easier if you do a piece at a time. Get started today and do a little to get better every week.

Feel free to leave a comment, email me, or contact me on Twitter if you have any questions.

  • Chris Halcon

    Becki, great insight here. At Symantec, we’ve found that SMBs are an increasingly desirable target for malware-based attacks because they tend to have fewer defenses than larger companies and more money in the bank than an individual consumer. To your five tips, we’d also suggest adding a reliable security solution. Today’s security solutions—whether delivered as software or hosted services—do more than just prevent viruses. They scan files regularly for unusual changes in file size, programs that match the software’s database of known malware, suspicious e-mail attachments and other warning signs. It’s the most important step small businesses can take toward keeping computers clean of malware. Your readers might find some useful information on preventing malware in a recent blog post by one of my colleagues at Symantec: http://bit.ly/o9SONG

    Chris Halcon
    Symantec

  • becki

    Thanks for your comment and link to the white paper, Chris.

    There is so much we can do to help the SMB and I hope you and Symantec continue to share information that can help the little guy.
