IT Infrastructure Security is Constantly Changing.

Security is like insurance.  You may not want to think much about it, but if you actually need it, you are very glad you have been paying the monthly premium.

When you experience a security breach, or are the victim of any type of cybercrime, things can go very wrong, very quickly.  In fact, the Small Business Administration reports that many of the small businesses that experience a security breach never recover from the damage.  That’s an alarming percentage that should serve as a warning for us all.

A recent Nationwide Insurance survey revealed that 8 out of 10 small- to medium-sized businesses do not have a plan in place to protect their data against cyberattacks, leaving them vulnerable to cybercrime.

John Sileo, KUSA News’s IT security expert, says, “The first thing I’d do for my small business is to have an IT provider come in and do a security audit of my systems and data.”

IT Infrastructure Security is Preventive

Do you have security policies in place? Do you have an actionable plan, with a schedule to follow to make sure those policies are being upheld?  Or, with all the other things competing for your time, are you thinking “Yeah, I know we should, but…”?  Or, maybe, you just don’t get around to it.

As we near year’s end, make it a priority to launch 2016 safe and secure.

Let’s look quickly at the risk of NOT making IT infrastructure security a priority, as well as some quick fixes and solutions that you can implement to protect your company, your data, and your bank account.

Data Breaches

When confidential information is stolen from your systems, your company becomes vulnerable to financial theft or lawsuits.  For many companies, a data breach can be serious enough to put them permanently out of business.

Malware

Though we’ve all been warned to not open attachments, it still happens more often than you’d imagine.  Malicious software can be easily downloaded through websites.  It can be so easy for an unwitting employee to compromise your entire network.

Impersonation

Stealing or impersonating the credentials of someone highly placed in your company is easier to do than you may think, and is not an uncommon form of cyberattack.  The problem is exacerbated by the fact that an email, such as one requesting money or access, which comes from a corporate executive is difficult for a subordinate to question or refuse.

These are just a few of the common cybercrimes you need to be aware of. To see others, and for a handy visual to keep handy or share with colleagues, download our Cybercrime Prevention Infographic.  (http://www.itservicescolorado.net/cybercrime-inforgraphic-optin/)

An Ounce of Prevention is Worth More than a Pound of Cure

There are some simple steps you can take to prevent cybercrime from ruining your business.  Paying attention to your cybersecurity, now, can save you from major headaches in the future.

Every business can benefit from these simple precautions:

Check Your Firewall Settings

Most of us think of firewalls as preventing harmful incoming data.  Firewall settings are fairly easy to set and control on the incoming side.  Take the extra caution of locking down outgoing data to just those things needed to run your business.  This may include:

  • Email
  • Secure Website Browsing
  • File Transfer
  • Virtual Private Network (VPN) Settings

Users, Passwords, and Privacy

We recommend establishing a policy for creating, changing, and deleting usernames and passwords.
Begin by reviewing your user list, making certain it reflects only people who are currently active in your organization.  Remove anyone that no longer needs or should have access.

Next, create a separation policy, so that, when someone leaves the company, there is a procedure in place for removing them from the system.  Keep in mind that it is not just a risk of that person doing harm: It’s easy enough for someone to use the logins of a person no longer with the company to get into the system to compromise it, leaving you with no idea who is really using the old, but still active, logins.

Lock Down Remote Access

It’s common to have employees who work remotely accessing your server, either regularly or on an occasional basis.  If your server is onsite (as opposed to in the cloud), you should think of this as people from the outside world getting in.

To stay secure, make certain your server software is up to date and that you plug any potential IT infrastructure security holes that could allow unauthorized access to your infrastructure.  Not carefully controlling access can result in a data breach or in someone being able to deface or take over your website.

Ongoing Maintenance

Cybercriminals are usually one step ahead of the rest of us, as they get ever more clever and devious.  Your entire business life is wrapped up in your data, and it needs to be protected.

Unless you’re certain that every part of your IT infrastructure is solidly locked down, consider speaking to one of our certified security experts, or request a security assessment.

Depending on the size of your organization and rate of employee turnover, a quarterly, bi-annual, or annual review of your systems and policies may be recommended, to make certain you are thoroughly protected from data compromise.

Don’t end up as a cybercrime statistic. Be proactive and start 2016 on secure footing.

Consider Our Security Assessment

We have a simple, efficient, and thorough process for analyzing your security, producing a “report card” on the health of your security.  Clients use these reports to identify weaknesses which need to be addressed, as well as to become aware of what security priorities they’ve neglected and should, now, focus their efforts on.  These assessments allow for “outside eyes,” people who are at the forefront of best practices, to offer ideas and suggestions that can be implemented internally.  With every assessment, we deliver a detailed report outlining your organization’s top five security priorities, as well as how to handle them immediately.

Start the New Year Right

We’re offering a special, this month, on our security assessments.  Please call us at 1.303.383.1627, extension 1, for more information or to schedule your assessment.

Save some money and start 2016 lock-down secure.