Reduce your IT risk with these 10 simple rules.
Always ensure you follow these simple rules.
1st rule – Data loss prevention – Backups
Protect your data by ensuring a backup is completed at least every 24 hours (including a process to take the backup to a second geographical location). Archive your data each year in hard copy and keep it in a secure location (e.g. a fireproof safe).
2nd rule – Archiving
Keep archived data on up-to-date technology, transferring it every 2 years to the latest media (e.g. CD, then DVD, then USB drive, then solid state USB3, etc.). This ensures it can be retrieved if there is a professional indemnity claim against the firm. Keep all archives for a minimum of 7 years. Password protect your backed-up and archived data so that, if it is lost, access is restricted to those with the password.
3rd rule – Passwords
All passwords, including those related to the database software (e.g. FilePro) as well as every other password used in the business, should be retained by the owner. The owners should be able to change all passwords at any time.
4th rule – Disaster recovery
Set up a process that replicates your complete systems from one office location to another (ideally every 15 minutes), so that if the office location hosting the server is rendered unusable you can keep working and do not lose time or data.
5th rule – Anti Virus/Malware
Implement security software tools on all your systems (especially servers) that protect against infection by viruses and malware.
6th rule – Power protection
Install batteries (an uninterruptible power supply, or UPS) in your office to ensure your servers continue to operate during short-lived power outages. Sudden power cuts to servers crash the operating system and can cause data corruption or leave the server not functioning correctly afterwards.
7th rule – Remote Access
Limit access to your company’s systems and data to specific Internet connections/sites. For example, selected staff can access the system from their home internet connections but from nowhere else. Also encrypt the data between the locations using a Virtual Private Network.
8th rule – Firewall
Ensure your computer network is protected from external access via the Internet. This is usually handled by the router/modem device on your network. Use a business grade modem as it will offer much better protection, and have it set up by an IT professional so that it is configured correctly. Arrange for an external technical organisation to complete a threat assessment on your network at least once every 6 months to check if there are any vulnerabilities.
9th rule – Password lockouts
Make sure that if a password is entered incorrectly three times into your servers, the system locks the account out, as the attempts may come from a hacker or automated software trying to access your systems by trying many passwords.
10th rule – Data Sovereignty
Ensure that all measures put in place to protect your applications and data do not allow data to be sent outside of Australia (e.g. using Dropbox as a backup).
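The three-strikes lockout from the 9th rule, as an added Python example that is not part of the original article: it counts consecutive failed logins per account, locks the account at the third failure and keeps it locked even when a later guess is correct. The class and function names, the manual unlock step and the sample events are assumptions constructed for illustration.

```python
from collections import defaultdict

MAX_FAILURES = 3  # threshold taken from the 9th rule

# Constructed sample events: (account, source address, password_correct)
SAMPLE_EVENTS = [
    ("alice", "203.0.113.10", False),
    ("alice", "203.0.113.10", True),   # success resets alice's counter
    ("admin", "198.51.100.7", False),
    ("admin", "198.51.100.7", False),
    ("alice", "203.0.113.10", False),
    ("admin", "198.51.100.7", False),  # third consecutive failure: lock
    ("admin", "198.51.100.7", True),   # correct password, account already locked
    ("alice", "203.0.113.10", True),
]

class LockoutPolicy:
    """Hypothetical helper: locks an account after consecutive failures."""

    def __init__(self, max_failures=MAX_FAILURES):
        self.max_failures = max_failures
        self.failures = defaultdict(int)  # account -> consecutive failures
        self.locked = {}                  # account -> source that triggered lock

    def attempt(self, account, source, password_correct):
        """Return 'ok', 'failed' or 'locked' for one login attempt."""
        if account in self.locked:
            # Stay locked even if the password is finally guessed correctly.
            return "locked"
        if password_correct:
            self.failures[account] = 0
            return "ok"
        self.failures[account] += 1
        if self.failures[account] >= self.max_failures:
            self.locked[account] = source
            return "locked"
        return "failed"

    def unlock(self, account):
        """Manual reset (assumed to be performed by the owner or IT staff)."""
        self.locked.pop(account, None)
        self.failures[account] = 0

def replay(events, policy=None):
    """Run events through the policy; return (decisions, locked accounts)."""
    policy = policy or LockoutPolicy()
    decisions = [policy.attempt(*event) for event in events]
    return decisions, dict(policy.locked)
```

The source address recorded at lock time gives whoever reviews the lockout a starting point for checking where the attempts came from.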