This time of year many of us vow to drink less and exercise more, but you should also think about getting your business into better shape. Vowing to do better in 2016 might be the best business decision you make this year.
If work slows down a bit over summer then it’s the perfect time to tackle those jobs you’ve been putting off. Two of the most important tasks are reviewing your security and back-up procedures — bolstering your defences and protecting your data should disaster strike.
Your security audit could be as simple as reviewing your password policies to ensure you’re not reusing passwords and that your older passwords meet your current minimum requirements in terms of length and complexity. It’s also worth checking whether more of your service providers have added the extra protection of two-factor authentication.
While you’re at it, ensure that all your computers, handheld devices, networking equipment and network storage devices are running the latest security patches. Check that your antivirus is up to date along with applications such as instant messaging, web browsers and your Virtual Private Network client. Don’t forget Adobe Flash and Reader, which are regularly updated to address security issues.
If staff are connecting to the internet while away from the office then it’s important they use a VPN to protect their activities from prying eyes. You can never be too careful when using public Wi-Fi hotspots or Ethernet connections in cafes, hotels and airport lounges.
Your security audit shouldn’t just consider external threats. Perhaps you’re due for an audit of admin rights and secure access throughout your organisation, assessing who needs a physical key to the office door as well as who needs the digital keys to the business.
People are the weakest link in the security chain. It’s important to discuss social engineering threats with staff, such as phishing attacks. Threats vary from bogus invoices, hoping you’ll pay them without question, to cryptolocker attacks which encrypt your data and hold it to ransom.
Your best insurance policy against cryptolocker attacks is an extensive and reliable backup regime. Don’t just rely on USB sticks and network storage drives located in your office, it’s vital to incorporate offsite backup in case fire, flood or theft claims both your computing devices and your onsite backups.
Backing up your My Documents folder might not be enough. Consider where important applications like your email client store their files and ensure these folders are also backed up.
Even if you’ve already got a solid backup system in place, it’s important to check that it’s running smoothly. You should regularly check your backups and test your recovery procedures to ensure that everything is in order, rather than waiting until disaster strikes to discover that your backup system has let you down. Also assess the security of your back-ups to ensure they don’t present an easy back door to hackers.
Many businesses ignore security and backup issues until it’s too late, so get on top of them early in the new year to ensure smooth sailing in 2016.