justin bell

Make sure anti-virus software is up to date and regularly updating

Anti-virus software is essential in today’s environment. But if it's not up to date and being regularly updated, it soon becomes little better than no anti-virus at all.

Set your anti-virus software to check and install updates everyday at a time when the computer will be switched on. Make sure it updates automatically as this trumps trying to remember every day.

Anti-virus software does not have to be expensive. Microsoft offers a free anti-virus software called Microsoft Security Essentials, which doesn't slow your system down and works well in the background. Find it here

Secure your wireless access points using WPA2 security

Wireless access points allow access to your computer network and or internet connection. Remember if someone can get onto your network, potentially, they can get into all your stuff! Make sure that the security on the wireless access point is set to WPA2 with a strong password. Do not use WEP security as that is easily hacked.

If your wireless access point has WPS (wi-fi protected setup) then either disable it (the WPS feature that is!) or replace your wi-fi router with one which does not have WPS (WPS was an easy set-up technology for wireless access points which has been hacked and is no longer secure).

Setting up your wireless access, will be detailed in the manual which came with your device. If you don't have that manual, most maufacturers have manuals available on their website for download.

Enable Automatic updates on your Windows PC's

Enable the automatic updates feature on your Windows PC and have it install updates automatically at a time when the computer will be switched on (and preferably not in use as they can slow the system down - lunchtime maybe?) This way you will have the latest security patches installed on your computer.

The default setting is to install at 2am or thereabouts. If you leave your PCs switched on overnight then that would be fine, but if you switch off overnight, have the updates install during the working day. To amend your updates settings go to control panel and then find the icon for updates.

The sooner you update the sooner you will get the fixes for the vulnerabilities in your operating system and the smaller the window for the bad guys to exploit that vulnerability.

Don't install Dodgy software

Don't install any software on your computer unless you are 100% sure of the source. Adding things like the Chrome Browser from Google or Firefox from the Firefox website should be fine. Adding toolbars, pointers, emoticons, etc. not so good.

If you don't know the source of the software don't install. This is a business computer after all, a tool to be maintained to help you do your work. Dodgy software can install malware on your system, but even if it doesn't, it may just be badly written and crash your computer or add things that you don't need running in the background and slow your computer to a crawl.

Choose unique passwords for your systems – Use Last Pass

Password are the way we let systems know that we are who we say we are. However, easy passwords can be guessed. There is a good microsoft page on strong passwords here. Strong passwords are difficult to remember and so can get written down. If that list is found, then your work on strong passwords was for nothing! I recommend using Last Pass (link here)  it's a free system which remembers your passwords for you on your computer, so you don't have to. You just need the Last Pass password. Last Pass will generate secure passwords for you as well. Just remember to choose a strong but memorable password for Last Pass, and if you write it down, put it away somewhere safe!

Don't click on links in emails

Unless you are receiving a link that you are expecting, from someone you know. DO NOT click on the link. Links, even if they look like an innocent webpage, can and do install all kinds of nasty stuff, that you really don't want, onto your system. If you click yes to a link and it contains bad stuff you are to a large degree going around the security you already have in place. Don't click on links!

Remove passwords and logins of employees who have left the company

When an employee leaves the company, either remove their user accounts completely, or if you still need access to their stuff, change their passwords. This includes passwords to any shared stuff they might have had access to.

Most ex-employees are honest and trustworthy, just don't leave open access for the ones who are not (clue, you can't tell by looking!)

Yes it's a bit of a pain to do, especially on a shared resource, but if you are using lastpass anyway, you will only have to do it once.

Do Backups

Should the worst happen, despite your best efforts, and you lose your data, having a reliable backup is the only way to get your data back. Your backups are your safety net.

Data backup has got a lot easier in recent years, whereas in the past you would have had to remember to change tapes in backup drives regularly etc. Now things are more simple.

The best rule on backups that I have heard is the 3-2-1 backup. Which means that you should have 3 copies, on 2 different types of media and 1 of those should be offisite. Recent versions of Windows do include their own native backup application.

I would tend towards a backup in your office to an external hard drive or network attached storage. This has the advantage of being readily available for restores and can be setup to be automatic. I would also back up on a weekly basis to a thumb drive or similar for you essential files. The third backup I would recommend would be an off-site backup in the cloud, check out Carbonite and Mozy UK for those options.

The cloud backups are fully automatic too. If it's automatic, it doesn't have to be remebered, and it can't be forgotten!

Check your backups regularly to ensure that they are working. Check for instance that you can find and restore a recently backed up file. 

In deciding what to backup, just go for the stuff you can't easily replace. Don't bother backing up applications or the windows system as they can all be re-installed if need be. Back up your data, your documents and information needed to run your business. Don't forget shared folders if you have any.

Accounting software usually has its own backup system built in and I would suggest that be backed up to local folder which will in turn be backup to the cloud and to an external thumb drive daily

I hope that this post has been helpful. Remember that the only way to make a truly secure system is to unplug from the internet! The measures outlined above can help to reduce risk considerably, but there is no such thing as risk free IT security, it's all about balancing risk with convenience. If it needs to be done regularly, automate it if possible, and then check to see that it's still working!