Home / Uncategorized / Simple Steps to Small Business e-Security

Simple Steps to Small Business e-Security

| June 9, 2009
e-Security Awareness logo

So what are the few key things that one needs to do especially in a small business context?

The phenomenal developments in technology play a key role in the growth of digital economy, which is vital for Australia. Hand in hand with this growth is technology related crimes. This is where eSecurity comes in. In simple terms, it is about protecting your personal and business assets from attackers and criminals.  The e-Security Awareness logosecurity and privacy challenges we face in this digital economy are multi-faceted involving technological, business as well as legal aspects. 

So what are the few key things that one needs to do especially in a small business context?  Here are some simple tips that can be useful.

The first and foremost is be aware of the attacks and threats that are happening which are relevant to your set of circumstances. For instance, if you business is using a set of computer systems and software, make sure you have installed all the anti-virus and security software that are needed for your systems. An important thing to note here that it is not a one off process; it is critically important to keep these up to date, that is, make sure you regularly update all the security patches the vendors of the software products release (for the software in your systems). 

e-Security AlertsThere is also no such thing as absolute security. It is relative to set of threats in the environment. So you need to do a security assessment of your environment and determine what threats and attacks are possible in your situation and look at the different protection mechanisms that you can use to Self-Assessment Toolcounteract them.  The main aim is to minimise the risk while maximising your business opportunities. Determine critical nature of threats and identify the type of layers of defense that will reduce the risk to an acceptable level in a cost-effective manner.

ScamWatchHaving emphasised the need to identify the security threats in your environment and do a systematic security risk assessment, there are a few simple precautions that you can take in general to make it much harder for a hacker to access your data.

  • Install the security software such as anti-virus, firewall etc.
  • Regularly check for updates (in fact do automatic security updates)
  • Don’t keep your passwords anywhere near the computer
  • Create strong passwords with a combination of letters, numbers and symbols and phrases (avoid easy-to-guess birthday, pet’s name, etc.)
  • Set up security logs in your system and review them regularly. This can be done by automated software which can track attacker attempts, review the logs and send alerts to your system admin.
  • Set up user authentication and access control in your systems. Simply identifying different users in your system and setting what rights they can have. John may a different right than Jane to your customer records
  • FChange your passwordor highly sensitive data, consider encryption – which is making your data unreadable in the event that an attacker penetrates the system
  • Do regular data back up and archiving. This is very important so that you can restore vital data should an attacker manage to corrupt your data files
  • Finally past experience tells us, majority of the attacks often come internally (from the organisation) rather than externally.

Vijay Varadharajan is currently Professor and Microsoft Chair in Innovation in Computing at Macquarie University (2001-todate). He is also the Director of Information and Networked System Security (INSS) Research. Before this he was Chairman of School of Computing and IT at University of Western Sydney (1996-2000). A renowned global expert in the field of e-Security, he is Chair of the Australian Computer Society’s eSecurity Taskforce.

____________________________________

Prof Vijay Varadharajan is a guest blogger of our "e-Secuity & Small Business" forum which is part of the National e-Security Awareness Week, an annual initiative aiming to raise awareness about the importance of e-security among Australians.

To learn more, visit http://www.staysmartonline.gov.au/ today.

To find out about how to protect your business and your customers and stay safe when working from home, go to http://www.staysmartonline.gov.au/small-business-security, or sign up for the following free services:

__________________________________________

SHARE WITH: