bizEDGE New Zealand logo
Story image

Best security practices

01 Feb 2011
  1. Close security gaps: laptops travel, and contractors and visitors connect to your network. Protect network endpoints, not just perimeters.
     
  2. Integrate defences: combine anti-virus, firewall, intrusion detection and vulnerability management at endpoints, and add encryption if they travel.
     
  3. Patch software: threats evolve, so close vulnerabilities quickly by applying updates from Microsoft and other software providers.
     
  4. Update virus definitions: keep your virus definitions up to date so your anti-virus software recognises new threats.
     
  5. Alert employees: warn them about attachments and links in unexpected email, and in software downloads before they are scanned for viruses.
     
  6. Don’t invite trouble: file-sharing services and websites may install malicious code automatically. Stop them with training, policies and software.
     
  7. Strengthen passwords: require passwords that mix letters and numbers – never names or dictionary words – and change them often.
     
  8. Schedule backups: implement and enforce backup schedules for your servers, desktops and laptops – and automate as much as you can.
     
  9. Back up complete systems, too: a ‘down’ server means lost business, so back up the operating system, applications, configurations and settings, not just files.
     
  10. Keep off-site backups: make sure files and systems can survive fire, flood, vandalism, sabotage, loss of your facility, or even a regional disaster.
     
  11. Test backups: don’t wait until recovery to discover a resource, process or technical shortcoming – test the entire cycle.
     
  12. Get help: find a local IT partner whom you trust, who understands and can help with both your business and technical requirements.