Three Easy Steps to Improve Your SMB's Security

Paul Mah
Slide Show

Eight IT Projects SMBs Should Consider Implementing

New developments and products are changing the shape of IT implementations for SMBs.

Having sleepless nights due to widely reported digital break-ins that seem to have hit everyone from government agencies, defense contractors and businesses of late? If large corporations could be penetrated by hackers, where does that leave a small and mid-sized business? I have no concrete figures on hand that can assuage you, though the three simple pointers outlined below should go some way towards improving the security posture of your SMB.

 

Ensure Everyone Is Using a Modern, Secure Browser

 

I've written in the past about Microsoft's plea for businesses to upgrade from Internet Explorer 6 (IE6), even as I've tried to persuade SMBs to avoid using Internet Explorer as their primary browser - or at least to upgrade to the newer and more secure IE9. The unpalatable truth is that IE6 continues to live on in corporate IT, possibly due to ignorance or laziness to change on the part of end users. Moreover, other contributing factors include compatibility with internal CMS or Web portals present in some company.

 


Yet it is undeniable that the browser has become the primary channel that exploits and malware use to infect computers. As you can imagine, a concerted move to ensure that all employees are on a modern, secure browser when surfing the Internet can reap huge dividends. While it is, of course, preferable that older browsers are completely uninstalled, some SMBs may opt to keep them for the primarily purpose of accessing older internal systems that may not be compatible with modern browsers.

 

Enable Disk Encryption

 

With more employees than ever using laptops in their daily work, it is inevitable that the occasional laptops may be lost due to carelessness or theft. When that happens, the biggest anxiety is often related to the fear of a data breach. This may pertain to confidential business information, electronic correspondences or even records of customers that may have been on the lost laptop. Thankfully, disk encryption software exists today to help protect company data. This can be activated by turning on BitLocker disk encryption on Windows machines, or using third-party tools such as the open source TrueCrypt. Typically, no follow-up maintenance is required after initial installation and configuration of disk encryption.

 

Password Manager for All Employees

 

Finally, as I wrote in a recent post, is it surprising that users are reusing the same passwords in the absence of an easy way for them to manage multiple passwords? A more practical way to ensure that the same passwords are not used across all systems would be the presence of good password management software. In "Three Tools for Proper Password Management," I briefly described three popular tools such as KeePass, 1Password and LastPass. If you want more options, though, a reader has also suggested Password Safe, which is another mature password utility released under open source auspices.



Add Comment      Leave a comment on this blog post
Sep 6, 2011 5:25 AM TechFan33 TechFan33  says:

I noticed you mentioned password managers that are known for their open source or cloud based technology. Do you have any experience with Roboform or MyLOK usb formats?

Reply

Post a comment

 

 

 

 


(Maximum characters: 1200). You have 1200 characters left.

 

null
null

 

Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.