While it’s impossible to plan for every potential computer disaster or emergency, below are the top 10 biggest threats and disasters that wipe out businesses and simple, easy steps you can take to dramatically lower the chances of them happening to you.
#1 Viruses & Worms
Today, viruses are still by far the most common type of network security threat. Viruses can do a wide range of damage from displaying a steady stream of annoying popup ads to freezing your entire network and corrupting your data. Not only can a virus corrupt your files and bring down your network, but it can hurt your reputation. If you or one of your employees unknowingly spreads a virus to a customer, or if the virus hijacks your e-mail address book, you’re going to make a lot of people very angry.
Worms are even more dangerous because they don’t need a host file to infect your network; they can simply be embedded into an e-mail. Once a computer is infected with a worm, it can make quick copies of itself and infect an entire network within a few hours. Because of this, worms are responsible for a good number of companies’ widespread network failures.
Obviously you need to make sure every PC and laptop in your office has anti-virus software installed. We recommend . But you can’t just install it and forget about it; someone needs to monitor your network to make sure every machine has the most up-to-date version installed AND to make sure the software isn’t accidentally disabled.
#2 Not Backing Up Your Data
It just amazes me how many businesses never back up their computer network, OR only keep an on–site copy of their data. Imagine this: you write the most important piece of information you could ever write on a chalkboard and I come along and erase it. How are you going to get it back? You’re not.
Unless YOU MADE A COPY OF IT, you can’t recover the data. It’s gone. That is why it is so important to back up your network. There are a number of things that could cause you to lose data files. If the information on the disk is important to you, make sure you have more than one copy of it.
The first step is to make sure you have a good on-site copy of your data. We recommend –up solution.>
Second, it’s absolutely critical that you keep an off–site copy as well. No one expects a flood, fire, hurricane, tornado, or other natural disaster. But did you ever consider theft? What if someone breaks into your office and takes every single piece of computer equipment you have? It has happened.
#3 Not Testing Your Back-ups
This is another big mistake I see. Many business owners set up some type of back–up system, but then never check to make sure it’s working properly. It’s not uncommon for a system to APPEAR to be backing up when in reality, it’s not.
At least once a month, have someone perform a restore of your data to see if it CAN be restored and to see if your data is intact. Tape drives have a failure rate of 100%—that means ALL tape drives will fail at some point.
Problem is, it often happens without any warning or sign, so you THINK you are backing up a good copy of your data when you aren’t. Remember the Health Products Company that shelled out $40,000 to recover data they THOUGHT they backed up? Don’t let this happen to you. Frequently test your data back–ups.
#4 Trojan Horses
A Trojan horse is a malware attack that hides in something innocent such as a screen saver, computer game, or even a YouTube video.
Not too long ago the Saddam Trojan horse infected a number of PCs by using a link in an e-mail that promised to connect to a web page that showed the Saddam Hussein hanging, but instead infected the user with malware. Once installed it was designed to record screen shots and key strokes to steal financial information, accounts, and passwords.
Trojan horses are very difficult to remove so an ounce of prevention is worth 5 pounds of cure. Educating employees is not enough to protect against these attacks because hackers are constantly coming up with new and innovative strategies to access your network.
Spam is an irritating and potentially malicious menace that every business has to deal with. Not only does it kill office productivity, introduce viruses, worms, and Trojan attacks, but it can also take up so much bandwidth that it causes your network to crash.
When it comes to fighting spam, fortunately, a great deal of spam can be filtered out by a good email filter.
#6 Not Maintaining a Secure Firewall
Small business owners tend to think that because they are “just a small business,” no one would waste time trying to hack in to their network, when nothing could be further from the truth. Experiments have been conducted where a single computerwas connected to the Internet with no firewall. Within hours, over 13 gigabytes of space were taken over with malicious code and files that could not be deleted. The simple fact is there are thousands of unscrupulous individuals out there who think it’s fun to disable your computer just because they can.
Insert your recommendation here for a good firewall.
#7 Not Updating Patches & Updates
Software companies (like Microsoft) are always discovering security loopholes in their programs that allow hackers to access your network. That is why they offer patches and updates to their users for free.
However, most hackers do NOT discover these security loopholes on their own. Instead, they learn about them when Microsoft (or any other software vendor for that matter) announces the vulnerability and issues an update or a patch. That is the hacker’s cue to spring into action; they immediately analyze the update and craft an exploit (like a virus) that allows them access to any computer or network that has not yet installed the security patch. The time between the release of the patch and the release of the exploit that targets the underlying vulnerability is getting shorter every day; that is why it’s important to keep an eye out for security updates and patches.
We recommend that you <i< span=””>nsert your recommendation here for patch and security updates.></i<>
#8 Phishing Attacks
Phishing refers to spam e-mails designed to trick recipients into clicking on a link to an insecure web site with the intention of stealing account information and passwords for e-commerce sites, as well as credit card and bank account numbers.
Chances are you’ve received the infamous PayPal e-mails alerting you that your account is going to be deactivated or closed if you don’t log in to verify your account information. This is a classic phishing attack.
The best line of defense is educating employees on how hackers try to phish your account information. Even though simplistic phishing attempts like the PayPal scam now seem obvious to regular Internet users, a single phishing attack can compromise your entire network’s security if the employee is tricked into giving his network account information. That is why you need to frequently remind your employees to never enter personal information in a web site solicited through an email.
#9 Hardware Loss & Data Fragments
Not long ago a number of government laptops were stolen, making national news. This story brought to light another security problem for businesses: stolen laptops and computers. While this may not seem like a big issue, it is a major contributor to the10 million cases of identity theft suffered by Americans each year.
1. Encrypt sensitive company data, especially the laptops used by employees who frequently travel. If your laptop gets stolen, this will prevent the thief from doing further damage by accessing financial records, patient files, sensitive client data, and other confidential information.
2. Wipe and/or shred files on old hard drives before they leave your organization.
3. Develop a policy for keeping track of employees’ use of smartphones and USB memory cards around sensitive data.
#10 You & Your Staff
No, we are not kidding. End user mistakes are often the biggest threat to a network’s security. Whether it’s downloading a virus, accidentally deleting an important folder or file, visiting shady web sites, or sharing confidential information, end users are usually at the root of every computer problem.
That’s not to say you and your employees are intentionally doing things to harm your network; in most cases, the damage is done innocently enough. But a virus’s effects are the same whether the download was intentional or purely by accident.
All of the above measures will go a long way in preventing problems; but we also recommend continually educating you and your staff on proper e-mail, Internet, and PC usage. We also recommend regular maintenance and monitoring of your critical data and systems so that IF a problem arises, it can be dealt with immediately and the damage minimized.