be-nz logo
Story image

Best security practices

01 Feb 2011

  1. Close security gaps: laptops travel, and contractors and visitors connect to your network. Protect network endpoints, not just perimeters.
  2. Integrate defences: combine anti-virus, firewall, intrusion detection and vulnerability management at endpoints, and add encryption if they travel.
  3. Patch software: threats evolve, so close vulnerabilities quickly by applying updates from Microsoft and other software providers.
  4. Update virus definitions: keep your virus definitions up to date so your anti-virus software recognises new threats.
  5. Alert employees: warn them about attachments and links in unexpected email, and in software downloads before they are scanned for viruses.
  6. Don’t invite trouble: file-sharing services and websites may install malicious code automatically. Stop them with training, policies and software.
  7. Strengthen passwords: require passwords that mix letters and numbers – never names or dictionary words – and change them often.
  8. chedule backups: implement and enforce backup schedules for your servers, desktops and laptops – and automate as much as you can.
  9. Back up complete systems, too: a ‘down’ server means lost business, so back up the operating system, applications, configurations and settings, not just files.
  10. Keep off-site backups: make sure files and systems can survive fire, flood, vandalism, sabotage, loss of your facility, or even a regional disaster.
  11. Test backups: don’t wait until recovery to discover a resource, process or technical shortcoming – test the entire cycle.
  12. Get help: find a local IT partner whom you trust, who understands and can help with both your business and technical requirements.