Keeping your IT system safe from attack
If you’ve ever watched Chloe O’Brian hacking easily into the White House, global terrorist networks, or London’s CCTV, you might just wonder how your own IT systems might fare in a similar situation.
True, unless you have recently tried to take control of half a dozen US drones, you are probably safe from the kind of IT intrusion seen in 24, and unlikely to have your windows – or limbs – broken by Jack Bauer.
But how well protected are you against the day-to-day risks of spyware, malware, and adware? What steps can you take to ensure the security of your IT network?
John Crozier, Firstline Operations Director, talks tech tactics and management…
Remember that any system is totally secure, right up to the point when someone starts using it.
The moment you or your staff stop working within the system and receive an email, do your shopping, or surf the net during the lunch hour, you are potentially making the system vulnerable to attack. In an ideal world, you do only what you need to do on your work computers to keep them as secure as possible.
When your system warns you that something is suspicious, believe it.
One of our clients once received a dodgy email when he was working at home. His PC warned him that it probably contained a virus – so he forwarded it to his work email. At work the next day, he tried to open the same email, and was once again warned that it was risky, so he forwarded it to someone else…
Eventually, of course, someone succeeded in opening the email – and infected the whole system with a virus.
While determination and ingenuity are valuable qualities, it is a good idea to dissuade people from using them in the pursuit of opening emails that your anti-virus system has already identified as risky!
Buy security software, but explain it to your staff.
In order to keep your system safe, security software checks and scans every last little app and ad fighting to open themselves on your screen. This takes time and annoys users, who tend not to understand why they now have to enter passwords at every turn.
As a business owner, you have to decide where to strike the balance between keeping the system secure and keeping your staff happy. If you think you can persuade them to keep their non-work internet use to a minimum and not open suspicious-looking emails, then you can have a light touch with your security software.
Phones, tablets, and Macs are vulnerable too.
This is why I am in two minds about the Bring Your Own Device phenomenon. I can see that employees like the flexibility of using their own technology at work, especially as they are likely to be more up-to-date than the average business computer network, but they do expose the network to the risk of viruses that have crept in from games, social media, and even organisations such as Google.
So my recommendations for keeping your network secure are:
- Buy some level of security protection. Ask your IT support company for advice, as it is easy to end up spending more than you need. Remember that there will be a slight trade-off in terms of slowing your system down – but it’s worth it.
- Write and implement an internet and email usage policy. Make sure you explain to your employees why you are doing this, otherwise they will assume you are just a killjoy out to spoil their lunchtime Facebook-browsing, with bad consequences for employee relations and internet security alike.
- Avoid BYOD as far as possible. If you feel you must allow it, make sure you have a clear policy that will enable you to protect both your data and your systems.