Security is a topic we address frequently. The reason for this? We know that even the smallest breach in security can make or break your small-to-medium sized business. The truth of the matter is that many SMB owners are unaware or unsure of the type of security measures needed in order to protect their business. Technology is a vast field and just because you know a lot about one area, it does not make you an expert in securing your business. For this reason, we have compiled this list of the minimum security precautions that every SMB owner should follow to ensure the safety of their company, their data and their employees.
There are a number of ways to “securely” store data in the modern world. You can choose from the cloud, hard drives, backup disks, mobile devices, servers. The list goes on. The first step in ensuring the security of your business is to personally identify where exactly your company’s most critical data lies. An easy way to think about this is to ask yourself “which data would I need to access within 24 hours of a major disaster or data breach in order to ensure that operations remained up and running?”
You might not have the financial ability to store all of your business’ data in a highly secure environment, but ensuring that your most critical data is bulletproof is absolutely vital. Just consider all the hacks that have occurred over the past year. Huge companies were breached without a clue, until it was too late. This type of situation would be disastrous for a SMB - however having critical data stored in a secure location is your first step to overcoming cyber security threats. Once you have identified where you’re keeping your data and which data is critical, you should speak with your IT managers or an MSP to determine the security measures that need to be implemented to protect your company’s most vital data.
After you have made sure your business’ critical data is virtually bulletproof, it’s time to arm your network. If you have not gotten to this step already on your own, the first and most important step would be to make sure you have anti-Malware protection on your servers and endpoints, as well as firewalls for both your wired and wireless access points. A layered approach to security is always ideal, so when arming your network you want to keep this in mind. The more protected your server is, the less likely you will suffer from a disaster like data loss/theft or severe network downtime.
If you have the budget for it, it might be worth it to seek outside counsel from an MSP who is well educated in today’s security best practices. By partnering with an MSP, you will be ensured that your business is protected and equipped to handle the latest in cyber security threats. If your business does not have the budget to hire an outside IT firm, make sure to educate yourself and your employees on the latest security trends. You can also seek outside advice from other business owners and join technology networking groups. It’s always better to be safe than sorry.
Bad things don’t only happen to bad people. The same idea can be looked at through the lens of securing your business. Bad things don’t only happen to bad businesses; a natural disaster can strike at any time, and your technology can go hay-wire, especially if it isn’t being properly maintained. Countless SMB’s across the country suffer severe data losses every year, and we know you don’t want to be one of them. A perfectly easy way to ensure the security of your business and it’s data is to automate daily backups. By doing so, you will have your data backed up automatically on a daily basis and you won’t have to lift a finger once it’s configured (except of course for routine checks). Backups allow businesses to remain in operation even after a security breach, natural disaster or threat because you will have all of your most current company data and information at your fingertips by simply accessing your backup. Now isn’t that genius?
This is a simple one. Whether it’s a computer, tablet, server, phone or any other device that store data, you must make sure to properly dispose of it, even if it dies. To be more specific, you need to remove the hard drive and/or SIM card from all devices before you throw them away. Additionally, if you are still using printed documents, or are currently migrating your paper docs to the cloud, make sure to have a paper shredder on hand to properly dispose of those as well. If the wrong person got their hand on your business’ internal documents or data, there is no way to know if you have a threat on your hands.
If you need help destroying a hard drive, give us a call and we would be happy to assist. This is an important step when getting rid of old technology and needs to be handled properly.
Another simple one. The mobile age is upon us, and along with it comes employees who may be able to access your business’ information via their mobile devices. Whether critical or not, all of your company data is important to protect. Keep in mind that there are countless different brands of phones and with that comes many different operating systems that require varying security measures. As a SMB owner, you and your IT team/firm should be aware of this, leading us to our last point…
We’ve said this before, but be sure to implement a specific policy for all of your company’s devices and all of your employee’s personal devices. If you don’t tell your employees not to access company documents or information via their mobile devices, 9 times out of 10 they will assume it’s ok to do so.
Additionally, implementing an online policy on work devices is important as well. Making sure to determine acceptable online behaviors, outlining how data should be shared and what needs to be restricted are all things to think about when creating your online policy. It might not be a good idea to be overly restrictive, but it’s important to make your employees aware of the company standards.
Are you concerned about your company’s security? Might it not be up to par? If you need the guidance of a seasoned IT firm who specializes in security, give DCS a call. We are an established, proactive IT MSP who can help ensure your business is running smoothly and securely 24/7/365.