10 essential checks to test your IT Security

By Anita Jaynes on 3 January, 2017

With a New Year comes New Year’s Resolutions, one of which might be to ensure your business is better protected against the ever increasing threat of a cyber attack.

Around 60% of SMEs go out of business in six months of a security breach according to MSPC Compete Guide to Cyber Security. Adam Harling, Director of Netitude, a Managed IT Services Provider (MSP) based in Frome, has set out a questionnaire for The Business Exchange, to check your company’s IT security is all in order and if not, what you need to do about it.

  1. Do you let staff choose their own secure passwords?

Your staff should have passwords they set themselves, which are known only to the account holder and your systems should be configured to force a complex passwords of a suitable length (8 characters or more) to prevent ‘brute force’ hacking attempts.

  1. Have you bought computers but not installed any virus protection software?

Get advice on the best computer anti-virus and anti-malware software available for your environment. Don’t skimp with free low quality products and make sure every computer is protected and most importantly, the software is kept up-to-date.

  1. Do you rely on staff to educate themselves in spotting threats?

Make sure everyone using a computer has been trained in the basics of e-security. Alert them periodically of new threats so they are aware of them and know what to do if they encounter a suspect email or download.

  1. Do your staff access work data via their own smart devices?

BYOD (Bring Your Own Device) is a work norm now. Make policies for accessing any work data via your staff’s personal devices. Agree terms of access before allowing anyone to use their own devices for that access and use the right licencing that allows remote wipe, should you need to remove data quickly.

  1. When you fire or make staff redundant do you keep the same passwords in place?

Keep a tight ship and change passwords or disable accounts when people leave the company – especially when they leave ‘under a cloud’.  Make sure passwords change and your sensitive data is out of reach.

  1. Do you keep old unused accounts and not delete them?

Old accounts can be vulnerable to abuse. Track all the accounts that are linked to your company and delete the ones that are not in use.

  1. Do you leave your computer files and docs you are working on open when you go out of the office?

If you are working in a busy, crowded office or somewhere where it is possible for a lot of people to come in and out, this may not be a smart idea – if there is sensitive data that can be accessed. To really clamp down on security, always log off or shut down for lunch or when out of office for extended periods. It’s also good practice to have your system lock automatically after a short spell of inactivity.

  1. Do you back up data?

Simply put, if you don’t backup data regularly, one day you will regret it. Whichever way you choose to back up, just make sure you do it.  Backup today is not only about having a copy of the data but also how quickly you can invoke that backup data and get your systems and people working again. Always look at the time till recovery as a factor in your backup system choice.

  1. When you back up data, do you do it on hard drives in the office?

Today – smart businesses use the cloud for backup. Having a known good copy of your data in a remote location could save your business in a disaster situation. Cloud backups also mean easy automation which means nobody ‘forgot to change the tape’ and your data is always safe and available.

  1. Protect your perimeter

Your network perimeter and firewall will be under attack every single day. Modern ‘crypto’ type viruses and malware can wreak havoc on your network and stop your business dead by encrypting your data and demanding a ransom to unlock it. Modern UTM (Unified Threat Management) products can protect your network perimeter and also block viruses from ‘talking’ to ‘command and control’ to prevent data encryption – an essential investment for any business.

For more IT security advice visit www.netitude.co.uk or call 0333 241 2323.

Pictured above: Netitude managing director Adam Harling.