... and that would be policies.
Even the most basic security setup needs computer, internet and email use policies. There are tons of templates all over the net which help keep the price low (read "free").
With that 4th step, I believe you would have a good start.
Discussion on:
View:
Show:
Following on from this, just like to say users, dont forget the users.
Number 1 source of everything that goes wrong on a network.
Number 1 source of everything that goes wrong on a network.
Always important to have defined security and usage policies in writing, easily accessed and mandatorily read and signed by all employees. It may not stop them from doing something stupid but it solves problems when it comes time to defend your decision to fire an employee for improper computer behaviors i.e. surfing porn or other no-no sites.
You forgot the very BEST thing a small business can do regards security - switch to open source everything.
Maybe, maybe not. As a user of open source I have to say that it adoption should always be carefully considered. Are there great open source alternatives out there? Yes. Are they for everyone? No. The biggest factor comes back to support and ease of use. The support is not always easy to find, particularly for the layperson, and in my experience these programs can often require a more educated user simply to use them effectively. The business owner may not wish to go through the hassle of training his personnel on the new software when the software he has already works and has a shorter learning curve regardless of the cost of the product license. Convenience has a price point as well in business.
Lawyers never touch there technology. They can easily afford to have someone come in to do what they need. Same goes for Doctors. Too much liability if they screw things up. Think patient confidentiality.
AntiVirus: You are absoutely correct. It's the first thing I loook for, EVERY TIME I SIT AT A MCAHINE. It's the last thing they think of doing and , in my opinion, the top requirement.
Firewall. I've seen businesses running straight to the net with a hub connected to the DSL modem. To many scary things can happen to even think about them. For a real small business, a basic firewall is more than adequate. If you are doing tech support for the business, Consider a VPN capable router/firewall that will allow you to connect to the network remotely. Upgrading beyond that leaves other things not done.
Upgrades. Necessary evil. They WILL break things, but not as many things as will break if you don't do them. Set every machine for auto updates.
Missing item for "BASIC" security. Install a SERVER!.
I am trying to convince a couple of Small Business clients to upgrade to this right now. Open Source is fine if you can support it. Windows Server is fine too. Just get the account security centralized on the server and stop creating users on every machine. Makes moving them around when the boss upgrades his computer "again". You know how that goes. There is usually one user who always needs a faster/better/bigger machine. So they get it and then you play musical desks with all the rest tiull you finaly throw out that last Windows98 machine the summer student gets stuck with.
AntiVirus: You are absoutely correct. It's the first thing I loook for, EVERY TIME I SIT AT A MCAHINE. It's the last thing they think of doing and , in my opinion, the top requirement.
Firewall. I've seen businesses running straight to the net with a hub connected to the DSL modem. To many scary things can happen to even think about them. For a real small business, a basic firewall is more than adequate. If you are doing tech support for the business, Consider a VPN capable router/firewall that will allow you to connect to the network remotely. Upgrading beyond that leaves other things not done.
Upgrades. Necessary evil. They WILL break things, but not as many things as will break if you don't do them. Set every machine for auto updates.
Missing item for "BASIC" security. Install a SERVER!.
I am trying to convince a couple of Small Business clients to upgrade to this right now. Open Source is fine if you can support it. Windows Server is fine too. Just get the account security centralized on the server and stop creating users on every machine. Makes moving them around when the boss upgrades his computer "again". You know how that goes. There is usually one user who always needs a faster/better/bigger machine. So they get it and then you play musical desks with all the rest tiull you finaly throw out that last Windows98 machine the summer student gets stuck with.
Use GPO to enforce robust passwords and password changes. I've seen so many small businesses where users are not required to change their password, or even to have them -- a tragedy waiting to happen.
Ensure that rights are correctly set on all network shares. Users should be given sufficient rights to do their job -- no more, no less. Again, I've seen so many small business where group EVERYONE is given full rights to the root of the network drive. Users seldom need full rights to anything. At most, they may need read/write rights to certain directories, but most users need read-only rights to most network resources. And if there's a directory that ordinary users have no business browsing, then they should have no rights to it.
And please, assign rights to groups, never to users, even if you have to create a group that contains only a single user. Users come and go; groups are forever.
Ensure that rights are correctly set on all network shares. Users should be given sufficient rights to do their job -- no more, no less. Again, I've seen so many small business where group EVERYONE is given full rights to the root of the network drive. Users seldom need full rights to anything. At most, they may need read/write rights to certain directories, but most users need read-only rights to most network resources. And if there's a directory that ordinary users have no business browsing, then they should have no rights to it.
And please, assign rights to groups, never to users, even if you have to create a group that contains only a single user. Users come and go; groups are forever.
Good thoughts all. No question. You're right, how do you pick? For me though I'd have added data protection as an essential element for those who don't lock the barn door until the horse is gone. When that inevitable hacker gets you or your system simply crashes, what does the small business do then? Most, who have not protected their data, will be out of business within months. Protect yourself! Of course, I'm prejudiced as that's the business I'm in but we've seen the results of what happens when data is not protected, and it isn't pretty.
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
