Use this article to build a foundation of knowledge about IT security for your small or midsize business:

In the early years of personal computers, people would write viruses that would cripple or even wipe the data off of a computer.  These programs were transferred from computer to computer via floppy disks.  These attacks caused the loss of untold hours of recreation of documents, re-installs of the operating systems, and plenty of crying, swearing, and personal hair pulling.  In short, it was just mean and malicious.  Soon the Anti-Virus software industry was born.  Companies that wrote software to protect against these nasty little programs that turned the air blue and increased the use of Kleenex tissue.  The problem with this industry is that it is always behind.  It would be able to clean one virus, but a newer virus was always being written to get around or through the loop-holes left.

As the years have passed, more ways of getting a virus or some kind of malware onto your computer have surfaced.  Now there are several vectors in which viruses can get into your computer.  USB drives (modern floppy drives, really) still infect a fair share of computers every day.  With the invention of network connected computers and the Internet, it has become even easier to infect the computer.  Sometimes just being on the same internal network with an infected computer is enough to get infected.  Now, with the Internet getting faster and faster, more information available, and more computers connected than ever before, it is more difficult to keep the viruses out.

So, how do we keep our computers from getting infected?  With some many ways for a computer to get infected, how can I keep my company computers safe?  Just like keeping warm on a cold day, the best way is to use layers of security.  There are many layers to security on an Internet-connected business.  Let’s start at the perimeter and work our way inward.

Between your company network and the Internet should be a firewall.  In the old days, firewalls just let traffic in and out based on a fairly simple set of rules.  By default, anything on the inside could get out and nobody on the outside could get in.  Simple and easy.  But with the evolving way that viruses are getting around this isn’t enough.  So next comes an enhanced firewall called “Next-Gen” firewalls.  These firewalls allowed much more granularity over the security of Internet traffic going in and out of your network.  They can stop users from accessing those naughty, non-work related websites during work hours as well as stop certain applications from working.  Applications like streaming videos and music, not to mention the downloading of illegal content from peer-to-peer networks such as BitTorrent.  But beyond that, the newer firewalls can actively search content going in and out of your network for viruses and malware and keep them from entering your network, too.

The next entry point is email.  From emails with virus infected files, links to infected web pages, SPAM, and “phishing” emails it is a big hole in security if not managed correctly.  There are really three ways to deal with this issue and all are equally important.  First, have your email scanned and filtered by a provider.  That is their business and they have systems to keep most of the viruses and malware out.  Second, make sure that your desktop anti-virus software includes a module for email.  Most of the major ones do.  Finally, train your users on what to look for in suspicious emails.  I have had clients send me an email asking if it is real or fake because they were cautious about opening emails.  It’s better to ask someone about something that doesn’t look quite right than infect your computer with a virus.

Next stop, the desktop.  Anti-Virus (AV) and Anti-Malware (AM) software on a computer along with trained users are your last defense.  No one single AV or AM software can detect everything.  We recommend using two.  One to keep running all the time in the background to catch most of the bad stuff. Then a second one to scan your computer on a regular basis to catch what the other one missed.  It’s a good strategy for keeping your system clean.  Also, having regularly scheduled training about computer usage and how to spot problems can help your users stop and even clean viruses before too much damage is done.

Next is server-based security.  Things like rights management and access control as well as usernames and passwords.  Keeping, using, and changing passwords on a regular basis help keep outsiders, and even insiders, from gaining access to your systems.  Once you know another person’s password you can become that person, electronically.  Files can be changed or deleted, emails sent, and other mischievousness done that can hurt your company or even your own reputation or job.  A nasty email sent to the other person’s boss can land them in the street looking for a new job.  There are many levels and ways to deal with this.  From creating secure usernames and passwords and forcing password changes on a regular basis to using 2 Factor Authentication (with a key-fob or an app on your phone) and biometrics to confirm that the person logging in is who they say they are.

Data backup is the final layer.  Daily backups to tape drives are still used, but there are better ways to handle the backups.  With many systems now a single full or image backup of a computer is collected.  Then subsequent backups are only of the differences between that full backup and the current state.  Some systems are configured to do a backup multiple times a day to avoid as much loss as possible.  Then to add another layer, these backups can be sent to data centers at remote locations to keep the data safe in case of a disaster.

There are many ways to help keep your network safe from harm.  Using just one method is no longer an option in today’s connected world.  Next-Gen firewalls, email filtering, desktop AV/AM applications, and backups all working in conjunction is the way to go.  If you are missing any one of these components your business is at risk.  Yes, sometimes all that security is a hassle, but it is necessary to avoid costly downtime and even loss of information.

Ask yourself some time, “What would happen to my business if my computers or server were consumed in a fire?”  Would your company survive?  Or would you have to close your doors?  What would happen if someone got access to your company data or plans and started another business based on your data?  How much is your data worth to you and how much are you willing to spend to keep it safe and secure?

You put locks on your doors, and probably have a fire and security system for your building, have you done the same for your data?

Contact Upward today to assess your current security strategy and chart a pathway forward.