In our post-911 world and during this time of war, you may wonder whether or not you can amply protect your company from threats associated with our growing reliance on the Internet and other connections.

The good news is that if your follow a few easy steps in your business operations, it’s easy to keep your business systems safe.

1) Be aware of your vulnerabilities.

An accounting of your connectivity is needed, including: external and internal networks, file shares where sensitive data is located, telecommuting connections, wireless systems, and your Web site and servers where customer transactions take place. Recognizing the many ways you conduct business is the first step in knowing where your vulnerabilities lie.

2) Deploy security software at all tiers of your operations.

Multi-tiered anti-virus (AV) protection includes coverage for desktops, servers and the gateway. A firewall protects the corporate gateway and any machines directly connected to the Internet. Encryption is required for the protection of wireless IT networks. And remember that home systems used by telecommuters require PC firewall port protection, as well as AV and possibly data encryption for exchanges between home and corporate offices.

3) Update your security software frequently and manage it wisely.

Security software is updated frequently by manufacturers to keep ahead of changing threats. You simply must keep your software up-to-date. A daily update of AV software provides solid protection for most companies. You need to make sure that your software is deploying pattern files and program updates throughout your entire network on a systematic basis. Many old viruses continue to circulate because AV software is not properly updated and deployed. Software with automatic update and remote management functionality will let you manage everything from one location.

4) Download software security patches for other programs you use.

You need to regularly download security patches for other programs you use, especially Microsoft Windows software. A patch is a small addition to a program, designed to correct a problem or "patch" a vulnerability in its architecture. For example, the SQL Slammer crisis that brought down ATM transactions earlier this year, could have been prevented if all companies had downloaded a simply security patch that was available for SQL servers well before the Slammer exploit ran rampant.

5) Create and enforce email, Internet and IT security policies company-wide.

Email, Internet and IT security rules need to be established and enforced company-wide, to encourage employees to use common sense with email and the Internet. Most viruses enter a company’s system through email. Internet downloads and visits to not-so-good sites can result in malware attacks. Simple rules are a must and enforcement is a key to making your security program successful.

You don’t need a doctorate in computer science to keep your company cyber-safe. But you need to be aware of your vulnerabilities and employ security products wisely, corporate-wide to protect your business from cyber-vandals.

By Jennifer Satterfield
Norman Data Defense Systems, Madison Office
608.271.6919, www.norman.com/us