Too many small businesses fail to implement basic security measures. This lack of security makes them vulnerable to lost data, lost productivity, and legal liability issues.
The following is a list of basic Best Practices every small business needs to create a Secure Computing Environment. This list is common to most small businesses but security is a complex topic and many businesses will have additional needs.
- Strong Passwords – Must include:
- At least 8 characters
- Upper and lower case letters and numbers
- Special characters
- Change passwords every 60 to 90 days
- Enforce Strong Passwords with your Windows Server
- Consider Two Factor Authentication for computers if you don’t have a server or if you have remote computers outside of your network
- Two Factor Authentication for all online services that contain sensitive data
- Quality Business Grade Firewall
- Web Security – Content Filtering, Anti-Virus, UTM (Unified Treat Management), etc.
- Anti-virus software on all computers and servers
- Spam and virus filtering of email
- Remove or disable un-needed local user/admin accounts
- Security patching for all computers
- User training:
- How to recognize phishing attempts
- Importance of good passwords
- Don’t share passwords
- Don’t leave passwords written down in an accessible location
- Don’t send sensitive info via email (passwords, CC info, etc.)
You should be doing everything on this list to provide a basic level of security for your business. For businesses that deal with sensitive information or have additional regulatory requirements there are additional security measures that are commonly used:
- Two Factor Authentication for computer logon
- VPNs (Virtual Private Networks) for all remote access
- Remove local admin rights for users on all PCs
- Restrict user’s ability to install software
Good security starts with being aware of your vulnerabilities. Every piece of technology used by your business should be evaluated for security needs including all hardware, software, online services and Internet connections.
All of the capabilities listed here are included with our CompleteCare service. If you don’t use CompleteCare you can still implement these solutions with relatively minimal cost.
Contact Willits Technologies today for more information about these basic security measures or to have Willits Technologies do a security review of your business. Call us at 281-333-2505 or email email@example.com