IT security

Improving IT security

IT Security is critically important to organisations of all sizes. We are more reliant on computers than ever before. Many businesses would close if they were to suffer a serious IT security breach. The reality is that it’s easy to let our guard slip in this respect. We can easily fall into the trap of focusing on what is urgent, rather than what is important. We often don’t realise how unsafe our security is until its too late. We’ve all been there, and it’s more important that we recognise this and make changes. The great news is that there is a lot we can do without breaking the bank. With that in mind, here are 12 things you can do today to improve your IT security:

Keys tips for stronger IT security

  • Smarter passwords – Use as strong and as complex a password as you can. Don’t make it so complex that it’s difficult to remember. Don’t share your passwords with anyone else and be sure to change passwords regularly. Never write it down or leave it somewhere it could be found easily. See our article Secrets To A Strong Password Policy for more tips.
  • Protect from theft – Physically secure your premises. Spend as much as is viable. This includes an alarm system, CCTV, a secure and lockable server room, window guards, staff entry cards…whatever is necessary. Stop unauthorised people from getting into your building and you’re half way there.
  • Encrypt your devices – In the event that anything is stolen, lost or damaged you will guarantee peace of mind if your devices are encrypted. This includes: laptops, PC’s, mobile phones, USB storage, external hard drives etc. iQuda offers a remote-wiping service that works by installing an application onto your mobile devices. If a device is lost or stolen, it can be wiped clean immediately. Enquire now. 
  • Protect yourself against virus attack – Ensure you are using a reliable and up to date anti-virus product on all your devices. Keep your anti virus updated and keep track of when it expires.
  • Filter your emails – Enabling automatic SPAM filtering (many products such as Gmail come with this feature built-in). The majority of the SPAM you receive will be separated form your inbox and can be checked over before deletion.
  • Firewall – Monitor and control the traffic that leaves and enters your network by implementing a strong firewall. Firewalls come in the forms of either programs, devices or a mixture of both. This is worth investing in, so try to buy as sturdy a firewall as you can afford.
  • Control access – Ensure that only authorised staff can access the systems they need to do their job. Restrict unauthorised staff from accessing systems they do not need to access. This might include locking your server in a separate room or by assigning individual lines of responsibility. This will keep your system safe and allow you to manage who can make changes to your systems.
  • Implement Information Governance Policies – Information Governance relates to how information is governed within an organisation. It’s made up of all the processes and procedures that are in place to manage how information is governed, stored and controlled. Get your own policies in place that specify how information is handled within your organisation. Specify who is responsible for what. Get your employees to sign off on these policies and train them on how to comply with the policies. This brings us onto our next point.
  • Train your staff – Inform your staff about how to spot scams, how to deal with SPAM, what not to access at work and how they should behave with respect to IT security. Train, train, train! If they don’t know what to do, it’s unlikely to happen. Make sure they are aware of the importance of IT security and make sure they know about the rules you implement. Make sure you enforce those rules too.
  • Keep your network private – Prevent unauthorised access to your network by enforcing Network policies. These policies specify who is allowed into the network. If you need to provide public wireless, do it on a separate network. Make sure you change the password regularly.
  • Identify your most critical systems – Maximise security for those systems that are critical to your business. It’s worth taking the time to keep these systems protected. An office tablet is likely to be less business critical than your servers. Prioritise the most critical elements of your infrastructure and assign priority to those systems accordingly. Desktop PC’s might only need to be backed up once a day, whereas your server might need to be backed up multiple times per day.
  • Implement a disaster recovery plan – Ensure that you can be back up and running quickly when things go wrong. Plan for problems in advance. When they happen you’ll have a set of plans in place. Even better, employ a specialist like iQuda to do this for you. See our range of disaster recovery services.

Still confused about IT security?

iQuda works with SME’s across Hertfordshire, Bedfordshire, Buckinghamshire & London. With decades of combined experience dealing with all aspects of IT security, we have helped businesses of all sizes. Contact us today to discover how we can help you drive your business forward.

IT security resources

Cyber Security

Cyber Security: Advice for Small Businesses