Email and Web Security: Everything you need to know

What to do about it

So far, we’ve talked about the business risks and taken a management view of IT security. Now we’re going to talk about the steps you need to take to protect yourself. You can use this checklist as a starting point.

  • Virus and spyware protection. You need to stop viruses and other unwanted programs from getting in the door. With thousands of new virus variants materialising each month, it is critical that your protection is able to keep up with new and previously unknown threats as they emerge.

  • Spam filtering. Blocking spam will save employees time and reduce the risk of fraud from phishing emails.
  • Firewall. A firewall will stop viruses that spread directly over the internet, and it can also keep hackers away from your network and servers. ? Access control. Make sure that employees only have access to the information they need to do their job. To give an obvious example, don’t let the whole company have access to payroll records.
  • Policy enforcement. You need effective staff policies about employee use of the internet backed up with training that covers policies and practical matters such as the use of strong passwords. Technology can help enforce company policies on appropriate use of the internet, such as bans on downloading inappropriate images or sending certain information by email.
  • Encryption. Consider encrypting data on laptops and other portable devices to prevent thieves accessing sensitive information if they are stolen. Also, consider email encryption to protect the confidentiality of messages between your business and its partners. By default, email travelling over the internet is not encrypted which means that it can be read – like the text on a postcard – as it moves from sender to recipient.
  • Physical security. Don’t forget that a stolen server is as much of a risk as a virus-infested one. Locks, alarms, secure server rooms and visitor access control are all part of IT security.
  • Backup. Critical data, including email archives and business databases, need to be regularly backed up with copies stored offsite. Test the restore process regularly too.
  • Software updates. Make sure that all the computers in your business are kept up to date with manufacturers’ updates. These are published regularly by the major vendors and fix known flaws and vulnerabilities. Virus writers exploit these vulnerabilities to attack people who do not update quickly enough.
1 2 3 4 5 6 7

Leave a Reply

Your email address will not be published. Required fields are marked *

*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>