Customer details, financial records, staff information - you probably store lots of sensitive data on your business devices. If you use cloud computing services, you might also have sensitive data stored outside your business too.
Wherever your data is stored, it's important you take a multi-layered approach to keep it safe.
Building a secure IT system
Your business needs good security equipment to ensure strong computer internet security. This may include the following hardware:
- A firewall, which sits between your computer network and the internet to provide computer protection by checking all data that's sent and received.
- An uninterruptible power supply, to protect key equipment like network servers in the event of a power outage.
- Locks and metal cables to physically secure key computer hardware and make it difficult to steal.
You also need some key computer protection software to secure your IT system:
- A security package should run on every device to protect against viruses, spyware and other threats.
- A spam filter will prevent junk email entering your business and causing harm and disruption.
- Backup software helps you take safe copies of important data just in case you do run into security problems.
It's important you keep all the software on your business computers up-to-date, as attackers often take advantage of security holes in older software versions. Often, newer versions of software - like Microsoft's operating system Windows 10 - contain additional security features to protect your business.
In many ways, storing your business data in the cloud is actually more secure than relying on servers in your business. If you choose a trusted cloud provider, they may have a whole team of people working just on security. After all, their business relies on their reputation - and a single security breach could spell disaster for them.
Physical computer protection
It's no good using impregnable computer protection software if anyone can walk into your business and steal your devices. Take steps to ensure physical security:
- Keep your business premises secure. Use good locks on doors and windows, install an alarm and control who can enter your building.
- Secure individual computers. Lock computers to desks with security cables. Lock away mobile devices like laptops and tablets when not in use.
- Isolate network servers. Your server is the hub of your IT system, so keep it locked in a separate room and limit access to essential personnel.
- Think about natural disasters too. Keep key equipment where it's less likely to be affected by floods, and install fire prevention equipment.
- Security mark computers and components. This discourages thieves and makes recovery of stolen equipment more likely.
Take special care of portable items like laptops, smart phones and memory sticks. These are easily stolen, lost or damaged. In such cases, the data stored on the devices is often worth more than the hardware itself, so make sure files are backed up elsewhere and that you have 'remote wipe' or 'remote kill' enabled so that you can prevent your data getting into the wrong hands.
Computer protection policies and procedures
Computer protection is best approached in a structured way. Analyse the risks faced by your business and how to protect against them by putting together a security plan. You also need strong IT policies covering key aspects of computer protection:
- What kind of internet use and material is unacceptable.
- How sensitive data and confidential information should be handled.
- How to take care of company equipment like laptops, tablets and smart phones.
- Whether employees can install and use unapproved software.
- Using email - how to deal with attachments and personal use.
Save £5 and pay £30 for a year's access to 740 business document templates. Use code SLD7948.S
Establish standard procedures so your staff know how to prevent, spot and respond to computer internet security threats.
Early detection can really help to minimise the damage caused by a virus or malicious hacking attempt. Try and foster an open approach to reporting security issues, so staff aren't tempted to try and hide problems, even if they are at fault.