BANGALORE, INDIA: The start of the New Year is a great time to take stock of your business’ IT systems and processes to ensure PCs, networks and the information they contain are safe and secure.

To help you protect your business from online threats and system disasters here is a 10-part check list to get you started.

THE BASICS
1. Use antivirus software – Antivirus software is still the best way to stay protected against viruses, worms and Trojan horses. Antivirus software should be installed on all servers, desktops and laptops – including those connecting to your network remotely. Remember, simply having antivirus installed is not enough. For maximum protection you should check for new virus definitions daily and scan your system weekly.

2. Use a firewall – Whenever you connect a computer to the Internet, you open up a pipeline directly to your network. Think about all the important and sensitive information stored in your small business network. Without a firewall you are putting that information at risk. Install a network firewall and personal firewall on each computer, especially when accessing your network remotely.

3. Backup and restore – Data can be lost or corrupted as a result of a virus or intrusion – or an accidental internal mistake. Whatever the reason, these events may damage your business if data is not backed up. You need constant backup and preservation systems in place. Make someone in your business responsible for backing up your vital data daily. In addition, backups should be made on servers and on hard disks (including remote users). Verify your backup system is working correctly by regularly testing to ensure information can be restored from the backup copy.

4. Stay up- to-date with patches and software – Most successful attacks on networks and computers exploit flaws and vulnerabilities within software applications, so security patches and fixes should be deployed as soon as they become available. Every desktop, laptop and handheld used in the office and remotely should be up-to-date with the most current operating system versions, software product versions and appropriate service packs.

WORKING REMOTELY AND WIRELESSLY
5. Secure your remote connections – Accessing your work files while travelling or at home may improve your business’s productivity but it also introduces new security risks. By using a VPN you can establish a ‘secure’ tunnel into the network and maintain the privacy and integrity of your data as it is transmitted. Minimise the important information saved and stored on remote computers and back it up regularly. Also make sure you use strong passwords and change them regularly.

6. Encrypt and hide your wireless network – Wireless networks are flexible and relatively inexpensive for small businesses. However wireless networks are easier to exploit than wired networks because intruders don’t need physical access to your hardware. Secure the connection between your wireless network and the ordinary network with a Virtual Private Network (VPN) and install a firewall at the wireless access point. You may need expert help to disable the Service Set Identifier (SSID) from being broadcast and to enable Wi-Fi Protected Access to encrypt transmitted data and prohibit eavesdropping.

DAY-TO-DAY BEST PRACTICE
7. Be a smart email user – Most security threats are spread by email. Even if you have an antivirus solution in place, the occasional infected message will get through. You should never use the preview pane function in your email and never open attachments from unknown sources or with unusual file extensions.

8. Never open junk mail – Don’t reply to unsolicited emails, not even to unsubscribe. All this does is confirm to the spammer that your email address is valid. Also be on the look out for phishing scams - emails that look like legitimate messages from places like banks - that try to get you to divulge your personal information.

9. Be careful when using instant messaging – Instant messaging can be a valuable work tool, but just like email it can be used to transmit viruses, worms and Trojan horses. Use the same caution as you would with email when it comes to opening attachments and responding to messages from people you don’t know.

10. Be alert when browsing the web – As small businesses switch to broadband connections the online risks increase. Set your web browser security settings to disable file sharing and do not give out private information online unless the site is secure. You can tell a site is secure if the URL begins https: or if there is a small padlock displayed on the screen. And whatever you do, don’t click on any pop up ads.

By ensuring your business infrastructure, information and interactions are protected you minimise the potential for damage from any breaches or disasters, leaving you to concentrate on running your business.

Author: Ajay Verma, Director, Channels & Alliances, Symantec India