Today’s Byte is a shorted version of an article I co-wrote with Jan Hepola from Minnesota Technology Inc. It’s all about security and it’s a promotional piece for some upcoming e-commerce classes that are happening at Normandale Community College. I thought you might be interested in the article and maybe the classes.

Internet Security is more than just technology

Think Internet Security is just a concern for the IT department? Think again! The IT department can install the best technology to prevent security incidents, but security is more than getting the right technology. You need to create a security plan that factors in people, policies and procedures. Consider the following elements as part of your security plan:

Acceptable Use Policies: Create a document that outlines the computer activities that are considered acceptable. Include consequences for non-compliance and communicate this to employees regularly. This will protect both you and your employees from any lapses in judgment. Also, develop and monitor the security procedures that take place when an employee leaves your business.

Passwords: Use “strong” passwords. This means using a combination of random letters, numbers, characters and a mix of lower and upper cases. Hackers have tools to break password codes starting with words found in a dictionary or common names. Insist that users not share passwords; this includes posting the passwords on their computers or writing them in Rolodex under “p”.

Virus Protection: Install virus protection software on each computer in addition to the network. This will ensure that files (including attachments and shared discs) will be checked for viruses before they cause damage. Critically important is a policy that each user must regularly schedule the updating of their virus definitions. It is important to show your employees how to do this while communicating why it is important.

Firewalls: Protect your computers and network from attacks from the Internet with a firewall. There are two types of firewalls: hardware and software. As data attempts to come into your network, the firewall determines if it is dangerous (hacker attempts) and should be deflected, or safe and allowed to pass through. Having a strong firewall is particularly important if you are using DSL, cable, wireless or satellite to connect to the Internet.

Training: Teach staff about technology security. Talk about why certain activity is expected or restricted. It is easier to get compliance when users understand the risks to your business and their personal safety.