Electronic Security of Business Information on Your Network

You need to start with the general security of your network.

Which computers and servers store sensitive personally identifying information of your customers and employees. Do not forget employees’ personal notebooks and home computers connecting remotely. Do your digital copiers, printers and fax machines store copies of the documents that pass through them?

All connections to your network need to be identified. The connections could be the Internet, branch offices, electronic cash registers, service provider computers and wireless devices.

Determine the vulnerability of each connection. You may want to hire a professional to conduct a security audit.

Isolate computers containing sensitive information from the Internet either physically or electronically.

Use encryption for sensitive personally identifying information. Always encrypt sensitive information send over the Internet. Encrypt backups whether they are kept on-site or stored off-site. You may want to encrypt portable store devices – USB drives, Flash Drives, etc. Even encrypt internal email that contains sensitive information. It is too easy to Cc an outside email address by mistake. If notebooks must contain sensitive information, their hard drives need to be encrypted and password protected.

Anti-Virus and Anti-Malware on servers and PCs need to be kept updated. Security updates from Microsoft also need to be kept updated. There is also software available for smart phones.

Use secure connections like Secure Socket Layer (SSL) and Virtual Private Network (VPN) when receiving and transmitting sensitive financial data and Personal Identifying Information.

Limit and secure wireless connections that are connected to your network. You need to educate your employees not to log onto your network or other secure sites using public hot spots with notebooks and smart phones. Simple packet sniffers can capture user names and passwords.

Web applications for outsiders to get or leave information should not have access to your network. A separate isolated system should be used. Your web server should never be connected to your network.

Don’t become a headline. Keep the hackers out.

Advertisements

About Bruce Demarest

Bruce Demarest is a Identity Theft Protection Specialist. He has designed and taught classes to educate individuals and businesses in identity theft risk management. The individuals have learned how to continuously monitor their financial identities from credit fraud, plus how to monitor their personal identifying information for unauthorized use. His business clients have become compliant with the federal & state privacy laws. He has conducted information security audits to identify their potential problems and has designed security policies, programs, and practices to address those problem areas.
This entry was posted in Business Identity Theft, Identity Theft Protection and tagged , , , , , , , , , , . Bookmark the permalink.

2 Responses to Electronic Security of Business Information on Your Network

  1. Pingback: Copier Security Best Practices | Bach Seat

  2. Pingback: Business Culture of Security: Do you audit your vendors? | Bruce Demarest Creating Cultures of Security

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s