Time and time again, business owners do not understand the importance of backing up data and preparing for network security threats, and instead of putting together a FULL plan to prevent data loss, they come up with “reasons” not to, such as; lack of budget, lack of time to research and implement a solution, or just an all out lack of concern. The all so common “I will cross that bridge when I get to it” mentality, can literally spell the end of your business as you know it.
Small business network security should be a major concern for your business, if you plan to stay in business. There are many scenarios that could occur at any time without warning, that would cost exponentially more to fix, than the cost of preventative maintenance.
Here are several mistakes often made by small business owners/managers, that should be addressed immediately:
1.) Using free anti-virus software on the company’s networked computers.
Don’t get me wrong, free is great! BUT, free is bad when it comes to your clients’ and company’s critical data. The problem with free anti-virus software (such as AVG, Avira, Avast etc), is that they aren’t necessarily suited for Enterprise Level (business level) usage.
Premium and Enterprise level anti-virus products are created with infrastructure in mind, and contain features such as Phishing filters, Email scanning, Real-time virus monitoring, Email alerts, and much more. Free solutions do not offer those options usually, and are not as “robust” as the Premium and/or Enterprise level packages. Enterprise level solutions are usually more effective at preventing infection before a computer or network is compromised, which is mandatory in preventing data loss.
2.) Leaving your data “in the hands of the IT guy” without knowing what questions to ask.
Let’s use a real life example of an accounting firm that we serviced several weeks ago; where we were called out to remove a virus from a principal’s computer. Upon arriving at the location, I advised that since the infected computer was part of a server equipped network, I will need certain information to know what needs to be done and NOT done to the computer. Here are the questions that I asked:
“Is there a firewall?” Answer: “I don’t know”
“Is the data from this computer backed up to the server?” Answer: “I think so”
“Does the IT guy handle the updates on the server and/or computers? Answer: “I don’t know, I just downloaded and installed the updates for my own computer today”
Those questions received the WRONG answers! I know that business owners and employees that aren’t technicians wouldn’t understand many technical issues, but an IT person or department should always communicate to the staff what is being done. Where is the data being saved to? Can the data be restored if needed, with no problems? Where are my personal files on the computer being backed up to? What websites should I avoid? Is our company secure from network security threats, hackers and internet thieves? Are our computers being updated with Windows updates often to thwart security exploits? How often does the server backup our data and exactly what data is backed up and what files, software etc would we lose during a disaster? Do we have the best network virus protection available?
The right questions get the right answers…every time!
3.) Avoiding a preventative maintenance plan for your networks and computers to “save money.”
How much would it cost your company, if you data was lost? GONE? Your important contacts, payroll records, new digital leads, logs, invoices, inventory, client database, accounts receivables records, sensitive client information, important proposals, etc? Imagine the data you need the most for the survival or growth of your company, completely wiped out. What do you think that would cost you in loss profit and/or potential future revenue?If you have employees, what would downtime cost you, or the amount of time spent with the network and or computer(s) not functioning?
It is extremely important to consider these possibilities now and plan for them, since it isn’t a matter of IF data loss will happen, it is a matter of WHEN. Be prepared!
4.) Not having a stringent policy in place regarding internet usage and computer access.
Part of having a good internet policy in place, is being educated on how the computers should be used and maintained to avoid costly problems. A big problem currently, is the average computer using not knowing what websites, links, banners, online games, etc to avoid; in order to keep a computer clean from malware or other malicious possibilities.
For instance, an employee decides to check out Youtube, while clicking on junk emails. Employees in the company have problems accessing files that are needed in order to conduct business, due to a server slowdown caused by Youtube killing the company’s internet bandwidth. Meanwhile, a trojan creeps into the network through a junk email and infects the network causing all of the local folders on each computer to be deleted and unrecoverable.
An internet policy which includes limited access to installing software, clicking certain websites, watching streaming video etc, would have avoided the problem to begin with. Always educate employees, set a policy and enforce it to avoid costly problems.
5.) Trusting your data to “The Cloud” or your onsite backup solution.
The problem with digital data is, it “doesn’t really exist!” There is no physical medium in place that holds data and secures it against loss at all. The only prevention to digital data loss is constant and SMART – backup. Many businesses trust that their data is being backed up properly, since they have a provider of cloud based or online data storage. That spells a recipes for disaster. A business owner should always keep crucial data backed up to a physical medium such as an external drive(s), and kept off-site such as at a house or storage facility, to avoid unforeseen circumstances that would destroy data storage media.
Trusting backup of a network and computers to a server is also not a wise decision. A server with several “mirrored drives” that backup multiple times a day could fall victim to an electric surge or spike, causing hardware failure at any time, wiping all of the backups out also. Once again, critical data should be backed up regularly and kept OFF-SITE!
Regardless of the vendor’s promises to keep your data safe and secure, never put full trust in the cloud, or a server. Maintain regular backup and have the backup tested regular to ensure that in the event it is needed, the network and/or computer(s) can be restored to continue operation of the business and remain profitable, without a hiccup.
Hopefully those tips have provided a bit of insight as to what steps should be taken to keep a secure and prosperous business. Any questions, please feel free to visit our website and send me an email! Any comments are highly encouraged.
Jarvis Edwards – TekTime