Every day we hear about hackers or ransomware or some other malicious force wreaking havoc with our information and computer systems. What can you do as a business to protect yourself, your business financial data, your employees’ personal information, and your customer/client/patron data? Below is some basic, non-technical advice to use as a guide for developing an information technology security plan for your business.
We need to start with some background information: First, there is no one single product that will solve your business’s information security needs. Securing your business’s technology requires a layered and holistic approach. Second, securing and maintaining the security of your business is an on-going process. It is not a one-and-done thing. Third, keeping and maintaining your business’s information security is the responsibility of everyone in the business -- from the owner/director/CEO down to the front-line level one staff person. It is also a responsibility shared with your vendors, contractors, and service providers.
It is helpful to compare a business IT security plan to a home security system. In a well laid out home security system, you will have many layers of protection and notification and remediation. Your fence and locked doors and windows help keep out would-be attackers. You have various sensors deployed to alert you and the authorities when there is unauthorized access. You have different kinds of sensors for different kinds of threats (glass break and motion sensors for burglars, fire and smoke detectors for fires, water sensors, CO detectors, etc). You may even have active deterrent systems and agents to go after the bad guys, for example a guard dog or sprinkler system. A well planned security system will also provide a mechanism for you to keep copies of important documents -- like car titles and deeds -- someplace safe and off-site. Most importantly, if you’re serious about your home security, you will have some procedures that you share with your family so that everyone understands what to do when an intruder or fire or some other home disaster strikes.
The point is, your home security system/plan has multiple layers of active and passive protection designed to protect your family, home, and valuables. It will also likely have some form of “backup” of important data or spare materials kept off-site, and, most importantly, everyone in the family will know the procedures in place to respond to home emergencies.
Just like a well planned home security plan, your business needs layers of technological defenses from a technology emergency. At the heart of this is a set of procedures, response expectations, and an electronic backup of your business’s critical data and other information needed to get operational again if and when disaster strikes.
Develop Your Plan
Devising and maintaining an effective information technology security and disaster response plan is a daunting task for most businesses, especially small businesses. Here at Vital Computing, we can work with you, your staff, contractors, and vendors to develop and maintain an effective technology security and disaster recovery plan for your business. Contact us to schedule a time to sit down and discuss how we can help you protect your business from malicious attack or technology disaster