Online Security
By Ramon Ray
Posted Tuesday, September 7, 2004
Locking our car doors (in many locales), securing our money and making sure our children don’t run into the streets are all second nature to most all of us.
This same type vigilance regarding securing our digital information must permeate our day-to-day business lives.
Passwords are an important gateway into your protected information. If you make the password easy, it is going to be easy for someone to figure it out and break into your computer system. The harder you make it the better. As much as possible try to mix up letters and numbers and add a few lower case and upper case numbers into the mix as well. It’s best to commit your password to memory and not write it down or you increase the possibility of exposing it to others.
Viruses are a constant and prevalent threat to all computer users – businesses and consumers alike. But because your business, is in business, viruses can pose a great economic if your computers are infected so you need to be VERY vigilant. The best protection against viruses is an anti-virus program. These programs will regularly scan your computer for viruses and automatically scan files as they are being accessed and/or downloaded into your computer system. If you have an anti-virus protection program on your PC, your personal vigilance is the next step in safeguarding your PC. Be wary of emails ending in the extension .exe, .com, .bat. pif or .dll. These are executable programs so if you are not 100% sure of who sent the file to you be very careful of opening it. Also remember, many viruses can send email from someone else’s address. So if you get an email from your trusted friend saying “open this file text.exe” it can’t hurt to ask if it came from them first. Also, using internet based mail services, such as Yahoo! and Hotmail, are a good alternative, too, because these programs allow you to scan attachments without opening, and without installing any software.
Resources: Symantec.com, McAfee.com
Firewalls should be a part of every businesses network and can serve as a first line of defense against many hacker attacks. A firewall is software or hardware device that scans incoming and outgoing information traveling over the Internet to ensure that it is authorized into and outside of your network. Let’s say that a hacker is trying to access your computer, a properly configured firewall will prevent the hackers access to your computer as they have not been authorized to do so. You may ask, if I’m accessing a Web site that requires me to download some tool onto my PC, why will the firewall let that happen? The firewall is very good at understanding those Internet connections that have been requested and are therefore allowed – and those Internet connections that have not been requested and in general are not allowed. As with all security devices, a firewall is not a perfect tool, but only an important security tool in your arsenal. It’s a device that can and has been defeated, so the best advice is to rely on your firewall as a first line of defense, utilize your anti-virus software and be vigilant of suspicious activity to your computers and be wary of email attachments and downloaded programs.
Resources: Symantec.com, McAfee.com, Zonelabs.com, Sonicwall.com, Linksys.com
Employee vigilance is one of the most important aspects of securing your business. Those with malicious intent may simply call your secretary and claim to be the VP of security and need her to urgently give them your password – will she or won’t she? Train all your staff to verify who they are speaking before releasing any security information to anyone. Establish clear security policies to guide all employees on how to ask for security information and how to release security information.
Physically securing your technology is important. It does no good to have thousands of dollars worth of software security, only to have a thief walk out with the computer that houses your customer database. The more important the data is, the more physically secure the hardware it resides on should be. Cameras, biometric devices, locks and other tools should be considered and implemented depending on your budget and security analysis.
Encryption of your files is something you should do if you have very sensitive data you want to give it an extra level of security. If for some reason your files are stolen you can have some assurance that POSSIBLY that thief can’t break into your files to get your data.
Resources: Pandasecurity.com, Cypost.com, Mcafee-at-home.com
Backing up your data (although not a strategy to enhance security) will ensure that if your data is lost or corrupted you can get it back with little downtime.
Resources: Veritas.com, backup.com, virtualbackup.com
Credit cards and online retailers
I know many people who are needlessly paranoid about ordering anything online, fearful that their credit card number will be stolen and used. This has happened – millions of dollars worth of online theft occur every year. However, think about how often you give your credit card to a complete stranger at the local restaurant, grocery store or other location. There’s no encryption between them and your credit card, as there is with most online retailers and many times authorities have arrested people for duplicating credit card information. I’ve used my credit card many times online with much success and never a problem. When using your credit card online use common sense. Ask yourself a few questions --is it a reputable retailer; do they list a telephone number and physical address I can check out; and will they encrypt my transaction? And remember, if your credit card number is used without your authorization most often you’re protected and at most will have to pay up to $50 of the unauthorized charges, but often times that fee is waived. You might want to consider getting a credit card for use only online that has a low credit limit. I also suggest you be very careful about using a debit card for online transactions. Read its liability policy but still be careful Losing $500 from your Visa card is not nearly as damaging as losing $500 from your checking account.
About the Author
Ramon Ray, (http://www.smallbiztechnology.com) - Strategic technology solutions for small businesses