It Could Happen To Your Business If You Let It

Not long ago, we were helping a small business set up a new email system when the owner's assistant ask us to set her password to the company's phone number - the same number on their website. She explained that this was the standard password she was using for lots of different applications and online services. After all, who was going to pick on her?

Too many small businesses today have that same casual attitude toward information security, thinking they're too small to be targets. Wrong. For one thing, criminal hackers routinely run automated scans on everything connected to the Internet, looking for vulnerabilities. It's like walking down the street jiggling door handles on every car to see who left the door unlocked, whether it's a shiny Mercedes or rust y old Chevy.

Breaking into your small business email accounts might not be as big a win as hacking into a bank, but what if there are messages in your inbox that contain account signup up notices for various online services? Pretty soon, an attacker can be resetting your passwords and extracting confidential data.

In a report published in May 2009 by the National Institute of Standards and Technology entitled Small Business Information Security: The Fundamentals, they outline a list of absolutely necessary actions that a small business should take to protect its information systems and networks. These are:

• Patch your operating systems and applications

• Protect information/systems/networks from damage by viruses, spyware and other malicious code

• Train your employees in basic security principles

• Require individual user accounts for each employee on business computers and for business applications

• Make backup copies of important business data/information

• Install and activate software firewalls on all your business systems

• Provide security for your Internet connection

• Secure your wireless access points and networks

• Limit employee access to data and information, and limit authority to install software

• Control physical access to your computers and network components.

At TeamLogic IT, we do this and more, every day for our clients. We can assist you with any and all of these actions and also talk to you about additional recommended practices that you might want to deploy in your business to ensure the security of your systems and information. Call us today at (650) 204-3150.