Five Things You Can Do To Improve Your Company's Security
As security issues grow more and more prevalent, we CIOs need to improve our
environments. We often forget formality and become too casual making life too
easy for our user community for our own good. Here are some quick things that
can be done in short order to help improve security at your business.
I truly wish this went without saying... but more often than not, I continually
encounter non-expiring passwords in our client networks. Worst yet is that most
of these are accounts with administrative privileges. That's just bad. Start here,
and get your administrative passwords on an expiration cycle, then move on to
the user community.
Password Character Inclusion
Yes, we're going to harp more on passwords. Force the inclusion of non-alpha-numeric
characters. Punctuation and symbols go a long way in changing things up. For example,
"iceage" becomes much more secure if it's "1ce-@ge" yet can still be remembered.
Keep Hardware Use to Internally Provided Gear
I have personally witnessed this once... someone bringing in a hard drive from
home to starting to copy company assets to a non-company owned piece of equipment.
While Bring Your Own Device (BYOD) is certainly an up and coming strategy,
that doesn't mean that it's a free-for-all out there. The more we can supply our
user communities with appropriate equipment, they less they'll feel the need to
bring their own gear.
Let's not even talk about how easily viruses and worms can enter a protected,
company network by simply plugging in a hard drive from home.
Manage the Mobile Devices
Yep, keeping control not only makes it easier to support going down the road.
Mobile Device Management (MDM) software provides your company with the ability
to set and deploy remote policies such as content filtering. Our own AVG Cloudcare
services allows our clients to manage policies and even back up mobile devices
to the cloud, all from a central location.
The mobile device age is here. Just make sure that the devices you support have
remote wipe and location capability. It will make your life much easier when
something gets lost or stolen. Remember, the damage is not the $1000 device
that was taken, but the exposure of the data on the device. While most thieves
are truly after the hardware, it's not worth the risk of deploying non-remote wipeable hardware.
Remote wipe is a Mobile Device Management (MDM) software feature that allows
a network administrator or a device owner to send a command to a remote device.
A remote wipe may delete data, return the device to factory settings, or remove
programming from the device.
All said and done, there are some simple and quick to deploy techniques that
can dramatically improve network security. Try some of these and let us know
in the comments area below how it worked in your company.
JT Koffenberger is an information technology executive with over 25 years of
applied Information Technology business experience. He applies advanced
technologies and techniques to bring strategic advantage to businesses. He is
the Founder and General Manager of
The Delmarva Group LLC,
a managed IT services firm based in Wilmington, Delaware. Under his leadership,
Delmarva Group provides all IT-related services to small- and medium-sized businesses.