We all have data. Some of us have pictures, videos and maybe some documents while others have databases, emails and so forth. But there is one thing which everyone must do and that is to secure it. How you do this is a matter of debate as some security features which work for me might not be suitable for the next business but there are a set of ‘ground rules’ which everyone can follow no matter what size business you are.
1. When you are the last person out of the office lock the door so no one can get in. Sounds simple but you would be horrified by the number of people who go for lunch and don’t. Leave the door open and someone WILL get in.
2. If your business has a server your best bet is a server room however for a lot of smaller companies this is not an option. In this case position your server OUT OF SIGHT. If people don’t know you have one then they can’t take it. I know of one company who positions their server in front of the windows in the front office. All it takes is for someone to walk past, smash the glass and the server is gone.
3. Don’t allow people to wander into your office unchallenged. When I first started out I went to see a client to do some work on their server. I went in the main door and turned into the first office thinking it was the reception. It wasn’t it was the room they kept their server in and it was empty. I could easily have walked upto their server unchallenged and started playing. I could have caused havoc!!
Software related security
1. Use passwords. The first line of defence when someone has access to your system is your password. Pick a password that you can remember and DO NOT write it on a postit note and then stick it on the monitor!! It should be a mixture of letters and numbers. This point also works on tablets and smartphones. Use passwords to lock them during startup.
2. Encryption. There are loads of options if you are looking to encrypt your files. Three of the main ones I have come across are BitLocker, TrueCrtypt and DesLock. All offer full disk encryption and require a password to unlock the drive (BitLocker can also use a TPM chip on the motherboard). The only downside to using encryption is that if you lose the password (encryption key) you can’t access your data – PERIOD.
3. Wireless encryption. All of us will have used wireless at some point but how many people know how to check the level of your wireless encryption? Almost all wireless access points, by default, come with no encryption and the user is required to set it up (routers from ISP’s will). Leave your network open and anyone can access it and your data suddenly becomes very tempting.
4. When leaving your laptop unattended lock the screen. This way no one passing can access your laptop and have a sneak preview of all your files.
1.Take some!! If you don’t and the hard drive in your laptop or server dies (unless you have RAID) you could lose the lot. Once you have backed up your data that is not the end of it. You still need to address where are you going to store it? I always tell clients that the backup must be stored in a different location to the computer it was taken from. For example don’t backup your server to an external hard drive and then the hard drive ontop of the server!!
2. Consider using online backups. The main advantage of online backups is that all your data is automatically backed up off site. Be careful though who you go with and check out the security features they offer as part of the deal. I tend to go with Dropbox for small businesses but some other people prefer Box. Whoever you go with check out their security policies first after all they will be looking after your data.
Implement a data policy specifically stating what users can do with your data and more importantly what they can’t. Get everyone to sign it and review it on a regular basis. If everyone is ‘singing from the same hymm sheet’ with regards to data security it makes securing your data much easier.
Can you think of anything I have missed? If so please let me know!!
About the Author
Follow @Comtech247 on Twitter