Steps to a Safe Office
Running a successful business today requires an Internet connection to the outside world; but as just about anyone can tell you, that essential connection also exposes your company to a world of security problems, liability risks and productivity distractions.
Taming the Internet may be an impossible dream, but with proper planning and good advice, you can better protect your company from its less appealing characteristics.
Have a good Plan.
No matter what size business you run, the main components for securing your Internet remain the same - only the type and scale of the solutions may vary. It is recommended to deal with a trusted, reputable reseller who can talk with you about your company and help you find the solutions that best suit its needs. It is also recommended to follow this five-step plan for securing your Internet:
Set a Strong Internet-Use Policy - A strong policy lets employees know what their responsibilities are when it comes to surfing the Web on company time. First you want to determine a company-wide policy that clearly states what constitutes acceptable Web usage. Educating your employees about how viruses and other malware can infect a PC via the Internet is important.
Content filtering software lets you control where your employees go on the Web. For example, you might want to filter out hate and pornography sites or online shopping sites. Doing so covers liability issues and creates a more secure, productive environment.
Of course, being able to customize the filter is important because employees must be able to get the information they need to perform their jobs. But, concerning the restrictive limits of content filtering, "What if I have to find out whether someone called my client a 'boob?'"
Install Centrally Managed Anti-virus Software - Anti-virus software that's managed from a single point (i.e., a server) ensures that every PC in the company is automatically scanned for viruses, worms and Trojans, and that they receive regularly scheduled security updates.
Depending on the program, anti-virus software can be fairly complex. Small to medium business (SMBs) have two options.
- First, you can go with a program that a trusted reseller recommends for you. A good reseller will take the time to learn about your company by asking questions like what's your comfort level regarding technology? Can you (or someone within your company) manage the anti-virus software?"
The second option applies to SMB owners or managers who don't want to deal with any of the technology. The owner may not be tech savvy or may not have an IT staff. If that's the case, a reseller can either recommend a reliable service provider to handle the onsite installation and periodic maintenance. Often times the reseller can also act as a service provider.
A Firewall with Intrusion Detection Capability - Hackers have become increasingly crafty when it comes to attacking networks. Network worms - such as Sasser and Code Red are particularly tricky. Designed to look like legitimate Internet traffic, the worms can sail right through your firewall.
That's why you want to have a firewall that has intrusion detection capability. It will help the firewall recognize and deflect external threats such as worms and other well-disguised intrusions from gaining access to your network.
Install Host-Based Intrusion Detection - While intrusion detection at the firewall keeps worms from entering the network, host-based software - intrusion software you install on individual desktops - protects your network from attacks launched inside of your network.
If an attack comes from within the network (whether it be accidental or intentional), the firewall won't help - it's strictly for defending against external threats. Installing intrusion detection software on individual PCs protects the inner workings of your network. Major anti-virus companies - Trend Micro, Symantec and McAfee - offer intrusion detection in the latest versions of their software.
Digital Signatures - Digital signatures are used to encrypt data between locations or across the Web. They're especially important for companies that need to meet Federal regulations such as HIPPA and Sarbanes-Oxley.
For example, if you're a doctor and you need to communicate via e-mail with a specialist about a particular patient, you can use a digital signature to secure the patient's data so that no one but the specialist can access it.
Of course, digital signatures are more costly than the other four steps mentioned here. They require people to manage the encryption keys, but small businesses without the in-house resources can outsource the task to a third-party company like Verisign.