Companies — small- and medium-sized businesses, in particular — struggle to protect their data. For one, they make mistakes in the strategies they employ to protect their IT infrastructure. If your organization still does one or more of these bad security practices, act quickly to correct them.
Open wireless networks
With one main internet line and a couple of wireless routers, a whole office can go online. A wireless internet connection saves money, but there is an inherent risk that it’s an unsecure network.
If you need a secure network, plugging in a wireless router and creating a basic network is not enough. If you don’t set a password on your routers, then anyone within range can connect. With fairly simple tools and a bit of know-how, hackers and criminals can start capturing data that goes in and out of the network, and even attacking the network and computers attached.
Therefore, you should take steps to ensure that all wireless networks in the office are secured with strong passwords. Many internet service providers that install hardware when setting up networks will often just use an easy password for the router, such as the company’s main phone number. These need to be changed.
Email is not secure
Most companies that have implemented a new email system in the past couple of years will most likely be secure. This is especially true if they use cloud-based options or well-known email systems like Exchange, which offer enhanced security and scanning.
The businesses at risk are those using older systems like POP, or systems that don’t encrypt passwords (what are known as “clear passwords”’). If your system doesn’t encrypt information like this, anyone with the right tools and a bit of knowledge can capture login information and compromise your systems and data.
If you are using an older email system, it is advisable to upgrade to a newer one, especially if it doesn’t use encryption.
Mobile devices that aren’t secure enough
Mobile devices offer a great way to stay connected and productive while out of the office. However, if you use your tablet or phone to connect to office systems but don’t have security measures in place, you compromise your networks.
Imagine you have linked your work email to your tablet but don’t have a screen lock enabled, and you lose your device. Anyone who picks it up will have access to your email and all your sensitive information. The same goes if you install a mobile device app with malware on it. Your infected device will spread this malicious program to your entire network and cause major disruption to your business.
Take steps to ensure that employee devices have adequate security, such as passcodes, and that your company has sufficient security policies in place to govern their use. Lastly, mobile device management solutions are specifically designed to prevent your bring your own device (BYOD) policy from being a risk with employee devices causing havoc to your network.
Anti-malware software that isn’t maintained
These days, it is essential that you have anti-malware software installed on all devices in your company, and that you take the time to configure these properly.
It could be that scans are scheduled during business hours. If you install these solutions onto your systems and they start to scan during work time, most employees will just turn the scanner off, leaving your systems vulnerable.
The same goes for not properly ensuring that these systems are updated. Updates are important for software, especially anti-malware applications, because they implement new databases that contain recently discovered threats and the fixes for them.
Therefore, anti-malware software needs to be properly installed and maintained if they are going to even stand a chance of keeping systems secure.
Lack of firewalls
A firewall is a network security tool that can be configured to block data traffic from entering and leaving the network. For instance, it can protect data from being accessed from outside the network. While many modems or routers include firewalls, they are often not robust enough for business use.
What you need is a firewall that covers the whole network at the point where data enters and exits (usually before the routers). These are business-centric tools that should be installed by an IT partner like a managed services provider (MSP), in order for them to be most effective.
How do I ensure proper business security?
The best way a business can ensure that their systems and networks are secure is to work with an IT partner like us. Our managed services can help ensure that you set up proper security measures in place and that they are managed properly. Tech peace of mind means your focus can be on creating a successful company instead. Contact us today to learn more.
Published with permission from TechAdvisory.org. Source.