All businesses need to secure their information assets, but small businesses have a specific challenge: securing their information with easy-to-use and inexpensive tools. For small business owners who are not “computer geeks” this article explains five free and easy steps to achieving effective information security.
Step 1: Lock the Door — Firewalls
Any computer or computer network that connects to the Internet is susceptible to attacks from attackers. Attackers (or hackers) look for computers with weak security. To exploit a security vulnerability the attacker needs access to the computer, which is most easily obtained through an existing Internet connection. The attacker can probe the target computer through the Internet connection to search for security weaknesses. A firewall helps prevent the attacker’s probe by restricting incoming and outgoing data traveling through the the Internet connection. In this way, the “open door” of an Internet connection is “locked” and only data approved by the firewall is allowed in or out. The attacker is effectively blinded.
Several software firewalls exist, and if your computer is running a Microsoft Windows XP or Vista a firewall is built in to the operating system (it just needs to be turned on). Other popular free firewalls include Comodo and ZoneAlarm. To secure a small network use an inexpensive hardware firewall.
Step 2: Buy a Safe — Encryption
During the normal course of business, data is saved on a computer’s hard drive. This data includes sensitive or confidential items, such as invoices, credit card information, financial spreadsheets, proprietary process or product data, and customer contact information. One way to keep data safe is to encrypt it. Encrypting transforms normal data into an unreadable form that can only made readable again when decrypted with the correct key or password. A computer with encrypted data will appear to store meaningless, random data to the casual observer, but a person with the correct key/password will be able to restore the data to normal. For example, if a laptop with encrypted data is stolen the thief will not be able to access any of the sensitive information since he doesn’t have the encryption key.
One free encryption tool is TrueCrypt. Certain versions of Windows Vista include the encryption tool BitLocker.
Step 3: Get Insurance — Back-up Your Data
No matter what causes a business to lose data, having a timely back-up will greatly minimize the loss. Copying important files and e-mail on a weekly basis to a removable storage device is an easy way to create a back-up. An inexpensive external hard drive or flash drive needs to be plugged into the computer, the files copied over to the removable device, and then the removable hard drive should be stored in a different location than the computer. Keeping physical distance between the back-up data and the working data is an important factor in reducing the risk of catastrophic loss. This can be as simple as keeping the back-up hard drive in a bedroom closet. Don’t forget to back-up e-mail and to encrypt the backed-up data.
While the important data can be manually selected and copied, a couple of free, automated back-up utilities are Back2zip and Comparator. If the price of an external hard drive is a concern, back-up files can also be stored on DVDs.
Step 4: Hire Security Guards — Anti-virus
Even the most careful Internet users are occasionally exposed to a computer virus. These nasties can enter a computer system through contaminated e-mail attachments, through malicious programs installed by hackers (see Step 1), from infected files downloaded by users, and occasionally by surfing to a specially-coded infectious Web page. Once on an internal network, some viruses can self-propagate through the network infecting all the connected computers. Viruses will delete data, write random data, and cause a computer to slow down. Anti-virus programs act as sentinels to screen incoming data and test it for viruses. If a virus is found, the anti-virus program will quarantine or kill it.
AVG Anti-Virus Free, PCTools AntiVirus and Avast! Home Edition are free anti-virus programs.
Step 5: Light’s On, Everybody’s Home — Awareness
Perhaps the most important security tool is user awareness. Do not download programs off the Internet and install them without checking their credibility at other web sites. Do not open e-mail attachments from unknown persons or suspicious e-mails. Do perform Steps 1, 2, 3, and 4 as soon as possible. Do create a security plan and perform a self-audit every 6 months — Is the anti-virus up-to-date? Are all the right files encrypted and backed-up? Are there any new computers on the network and are they secure?