Viewing entries tagged
Four Key Components of a Robust Security Plan Every SMB Must Know
Most businesses are now technology dependent. This means security concerns aren’t just worrisome to large corporate enterprises anymore, but also the neighborhood sandwich shop, the main street tax advisor, and the local non-profit. Regardless of size or type, practically any organization has valuable digital assets and data that should not be breached under any circumstances.
This makes it the responsibility of every business, especially those collecting and storing customer/client information, to implement a multipronged approach to safeguard such information.
Yes, we’re looking at you, Mr. Pizza Shop Owner who has our names, addresses, phone numbers, and credit card information stored to make future ordering easier and hassle free.
Today’s SMB Needs a Robust Security Plan
Protecting your business and its reputation comes down to developing, implementing, and monitoring a robust security plan that adequately addresses everything from physical access and theft to the threat of compromised technology security. This involves defining and outlining acceptable uses of your network and business resources to deter inappropriate use. Here are four key components to consider.
Network Security Policy: Limitations must be defined when it comes to acceptable use of the network. Passwords should be strong, frequently updated, and never shared. Policies regarding the installation and use of external software must be communicated.
Lastly, if personal devices such as laptops, tablets, or smartphones are accessing the network, they should be configured to do it safely, which can be done easily with a reliable Mobile Device Management (MDM) solution.
Communications Policy: Use of company email and Internet resources must be outlined for legal and security reasons. Restricting data transfers and setting requirements for the sharing or transfer of digital files within and outside of the network is recommended. Specific guidelines regarding personal Internet use, social media, and instant messaging should also be clearly outlined. If the company reserves the right to monitor all communication sent through the network, or any information stored on company-owed systems, it must be stated here
Inappropriate Use: Obviously, any use of the network or company-owned system or device to distribute viruses, hack systems, or engage in criminal activity must be prohibited with the consequences clearly noted. Any website that employees cannot visit should be identified if not altogether blocked and restricted. For instance, downloading an entire season of True Blood from a Bit Torrent site isn’t an acceptable use of company Internet resources.
Every employee must know these policies and understand the business and legal implications behind them. Companies must also make sure these policies are clear and understood by all, and most importantly, strictly enforced.
Research has revealed that over half of all users end up opening fraudulent emails and often even fall for them. Phishing is done with the aim of gathering personal information about you, generally related to your finances. The most common reason for the large number of people falling for fraudulent emails is that the phishing attempts are often so well-disguised that they escape the eyes of a busy email reader. Here are a few tips that help you identify whether that email really came from your bank or is another attempt at defrauding you…
1. They are asking for personal information – Remember, no bank or financial institution asks you to share your key personal information via email, or even phone. So, if you get an email where they ask for your ATM PIN or your e-banking password, something’s amiss.
2. The links seem to be fake – Phishing emails always contain links that you are asked to click on. You should verify if the links are genuine. Here are a few things to look for when doing that:
3. Other tell-tale signs – Apart from identifying fake URLs, there are other tell-tale signs that help you identify fraudulent emails. Some of these include:
Finally, get a good anti virus/email protection program installed. It can help you by automatically directing spam and junk mail into spam folders and deactivating malicious attachments.
Partnering with a managed service provider (MSP) is one new approach being used by many companies like yours. Experienced MSPs have access to newer tools that reduce costs by automating many routine in-house labor intensive processes. Break-fix is labor intensive, and labor is one of the most expensive operating costs within your IT infrastructure. The new innovative tools that can be provided by MSPs generate real productivity increases and mitigate the risk of network failure, downtime and data loss from human error.
MSPs deliver a trusted foundation for your team and your customers. Some of the services and tasks offered include:
Erase any misconception that managed service providers are nothing more than “outsourced” tech help priced to displace your in-house IT technician or team. The new MSP has defined new methodologies and technology partnerships to offer valuable preventative services that proactively locate and eliminate threats before a bigger problem arises.
MSPs today put considerable effort into understanding the operational and business needs of SMBs to develop and deliver a set of specific services that align technology with the SMB’s business objectives. This is the reason you hear managed services often referred to as “partners.” A present day MSP offers quantifiable economic value, greater ROI and decreased total cost of operation by streamlining costs and eliminating unnecessary lost productivity, revenue, and avoidable on-site IT consultant fees, in addition to eliminating the need for costly hardware/software repairs or replacement.