While it’s impossible to plan for every potential computer disaster or emergency, below are the top 10 biggest threats and disasters that wipe out businesses and simple, easy steps you can take to dramatically lower the chances of them happening to you.
Threat #1: Viruses and Worms
Today, viruses are still by far the most common type of network security threat. Viruses can do a wide range of damage from displaying a steady stream of annoying popup ads to freezing your entire network and corrupting your data. Not only can a virus corrupt your files and bring down your network, but it can hurt your reputation. If you or one of your employees unknowingly spreads a virus to a customer, or if the virus hijacks your e-mail address book, you’re going to make a lot of people very angry.
Worms are even more dangerous because they don’t need a host file to infect your network; they can simply be embedded into an e-mail. Once a computer is infected with a worm, it can make quick copies of itself and infect an entire network within a few hours. Because of this, worms are responsible for a good number of companies’ widespread network failures.
Obviously you need to make sure every PC and laptop in your office has anti-virus software installed. We recommend <insert your recommended anti-virus>. But you can’t just install it and forget about it; someone needs to monitor your network to make sure every machine has the most up-to-date version installed AND to make sure the software isn’t accidentally disabled.
Threat #2: Not Backing Up Your Data, AND Failing To Keep An Offsite Copy Of Your Data
It is amazing how many businesses never back up their computer network, OR only keep an on-site copy of their data.
Unless YOU MADE A COPY OF IT, you can’t recover the data. It’s gone. That is why it is so important to back up your network. There are a number of things that could cause you to lose data files. If the information on the disk is important to you, make sure you have more than one copy of it.
The first step is to make sure you have a good on-site copy of your data.
Second, it’s absolutely critical that you keep an off-site copy as well. No one expects a flood, fire, hurricane, tornado, or other natural disaster. But did you ever consider theft? What if someone breaks into your office and takes every single piece of computer equipment you have? It has happened.
What if a neighboring office catches fire or if a faulty sprinkler system waters your server room? Here’s another on-site disaster most people never consider…
What if your data becomes corrupt or a tape drive hardware failure erases your data? Again, your data is nothing but a memory. That’s why you want to not only keep an on-site copy of your data, but also an off-site copy. Your data is just too important to not do everything possible to protect it.
Threat #3: Not Testing Your Back-ups To Make Sure They Are Working
This is another big mistake. Many business owners set up some type of back-up system, but then never check to make sure it’s working properly. It’s not uncommon for a system to APPEAR to be backing up when in reality, it’s not.
At least once a month, have someone perform a restore of your data to see if it CAN be restored and to see if your data is intact. Tape drives have a failure rate of 100%—that means ALL tape drives will fail at some point.
Problem is, it often happens without any warning or sign, so you THINK you are backing up a good copy of your data when you aren’t. Frequently test your data back-ups.
Threat #4: Trojan Horses
A Trojan horse is a malware attack that hides in something innocent such as a screen saver, computer game, or even a YouTube video.
Not too long ago the Saddam Trojan horse infected a number of PCs by using a link in an e-mail that promised to connect to a web page that showed the Saddam Hussein hanging, but instead infected the user with malware. Once installed it was designed to record screen shots and key strokes to steal financial information, accounts, and passwords.
Trojan horses are very difficult to remove so an ounce of prevention is worth 5 pounds of cure. Educating employees is not enough to protect against these attacks because hackers are constantly coming up with new and innovative strategies to access your network.
We recommend that you block users from downloading freeware and computer games, as well as embedded links in e-mails. You may even want to block all web sites that are not on an approved list of web sites that employees may visit.
Threat #5: Spam
Spam is an irritating and potentially malicious menace that every business has to deal with. Not only does it kill office productivity, introduce viruses, worms, and Trojan attacks, but it can also take up so much bandwidth that it causes your network to crash.
When it comes to fighting spam, fortunately, a great deal of spam can be filtered out by a good email filter.
Threat #6: Not Maintaining A Secure Firewall
Small business owners tend to think that because they are “just a small business,” no one would waste time trying to hack in to their network, when nothing could be further from the truth. Experiments have been conducted where a single computer was connected to the Internet with no firewall. Within hours, over 13 gigabytes of space were taken over with malicious code and files that could not be deleted. The simple fact is there are thousands of unscrupulous individuals out there who think it’s fun to disable your computer just because they can.
Make sure you install and maintain a secure firewall for your network.
Threat #7: Not Installing The Most Up-To-Date Security Patches and Updates
Software companies (like Microsoft) are always discovering security loopholes in their programs that allow hackers to access your network. That is why they offer patches and updates to their users for free.
However, most hackers do NOT discover these security loopholes on their own. Instead, they learn about them when Microsoft (or any other software vendor for that matter) announces the vulnerability and issues an update or a patch. That is the hacker’s cue to spring into action; they immediately analyze the update and craft an exploit (like a virus) that allows them access to any computer or network that has not yet installed the security patch. The time between the release of the patch and the release of the exploit that targets the underlying vulnerability is getting shorter every day; that is why it’s important to keep an eye out for security updates and patches.
Make sure you frequently install the most up to date security patches and updates for your system.
Threat #8: Phishing Attacks
Phishing refers to spam e-mails designed to trick recipients into clicking on a link to an insecure web site with the intention of stealing account information and passwords for e-commerce sites, as well as credit card and bank account numbers.
Chances are you’ve received the infamous PayPal e-mails alerting you that your account is going to be deactivated or closed if you don’t log in to verify your account information. This is a classic phishing attack.
The best line of defense is educating employees on how hackers try to phish your account information. Even though simplistic phishing attempts like the PayPal scam now seem obvious to regular Internet users, a single phishing attack can compromise your entire network’s security if the employee is tricked into giving his network account information. That is why you need to frequently remind your employees to never enter personal information in a web site solicited through an email.
Threat #9: Hardware Loss and Residual Data Fragments
Not long ago a number of government laptops were stolen, making national news. This story brought to light another security problem for businesses: stolen laptops and computers. While this may not seem like a big issue, it is a major contributor to the 10 million cases of identity theft suffered by Americans each year.
Thankfully, this threat can be minimized in a few easy steps:
1. Encrypt sensitive company data, especially the laptops used by employees who frequently travel. If your laptop gets stolen, this will prevent the thief from doing further damage by accessing financial records, patient files, sensitive client data, and other confidential information.
2. Wipe and/or shred files on old hard drives before they leave your organization.
3. Develop a policy for keeping track of employees’ use of smartphones and USB memory cards around sensitive data.
Threat #10: You And Your Staff!
No, we are not kidding. End user mistakes are often the biggest threat to a network’s security. Whether it’s downloading a virus, accidentally deleting an important folder or file, visiting shady web sites, or sharing confidential information, end users are usually at the root of every computer problem.
That’s not to say you and your employees are intentionally doing things to harm your network; in most cases, the damage is done innocently enough. But a virus’s effects are the same whether the download was intentional or purely by accident.
All of the above measures will go a long way in preventing problems; but we also recommend continually educating yourself and your staff on proper e-mail, Internet, and PC usage. We also recommend regular maintenance and monitoring of your critical data and systems so that IF a problem arises, it can be dealt with immediately and the damage minimized.
Contact Us For More Information