One of the biggest responsibilities for our IT consulting company near Boston is keeping IT networks secure. Whether it’s a few PCs or hundreds on your IT network, there’s one thing that can separate your system from being compromised: a great password.

Why? Hackers want access to anything and everything. If they can guess your user name and password, you might as well have given them your wallet and the keys to your building.

Before we talk about what makes a good password, let’s begin with the first of five things to know and practice in using passwords.

1. Don’t be complacent: Attacks can and do happen.

Hackers are a devious bunch and will stop at nothing to get into your network and files. They use three different methods to get to you: brute force, dictionary attacks, and social engineering. (more…)

Worried about hackers, viruses and malware? Are you concerned that your employees can’t access their data when they’re on the road?

These are common concerns among small-business owners. The average annual loss reported by United States companies more than doubled in 2007, to $350,424 from $168,000 the previous year, according to the CSI Computer Crime and Security Survey. That ended a five-year run of lower reported losses. Average losses dropped somewhat in 2008 but remained alarmingly high, at $289,000 per respondent.

And a recent survey of 400 small-business owners by Hewlett-Packard found that small businesses place mobility high on their priority list, because nearly one-third of their time is spent outside the office.

It’s possible to address both of these issues with a single solution: upgrading your company’s computers from a peer-to-peer network to one that’s managed by a server. A server is a dedicated computer that stores and manages information and acts as a hub to connect other computers and devices.

Here’s how a server can answer the concerns of your small businesses, when it comes to safety and mobility, including:

1. Creating a firewall to protect all of your personal computers.
A server can defend every one of your company’s computers by building a protective firewall to keep unwanted elements such as hackers, malware and viruses, off your network. “This firewall provides protection to servers connected directly to the Internet or to servers located behind Internet connection sharing,” says Eileen Vee Wilson, the chief marketing officer of Comnexia, an IT services company in Roswell, Ga.

2. Offering the ability to manage all of your permissions.
Servers allow you to determine who does-and doesn’t-have access to files on your network. “I think it’s the biggest security advantage to having a server,” says Robert Gaynor, president of Boca IT Solutions, a Boca Raton, Fla., consultancy “By moving to a server-based environment, we can manage users and permissions in one cohesive database.  This adds a level of security and helps prevent human mistakes when assigning permissions to resources.”

3. Allowing your data to get saved.
Servers also offer a way to make sure all of your company’s data is backed up automatically, according to Ennio Carboni, director of product management for Ipswitch, a business software developer in Lexington, Mass. “Backup is also much easier in a client-server architecture, since the dedicated server is the sole point to copy, versus a peer-to-peer setup, where every laptop holds a piece of data.”

4. Requiring sensitive information stays safe.
“Having a server system also gives you the ability to better lock down sensitive data,” says Mark Wall, director of Microsoft Strategic Solutions at Optimus Solutions, an IT services company in Norcross, Ga. There’s less of a chance that a lost laptop can lead to thousands of credit-card numbers falling into the wrong hands, for example, because access to that information is managed by a server and doesn’t actually reside on the PC.

5. Allowing your employees access to their work from anywhere.
Accessing information on a peer-to-peer network can be difficult-and sometimes impossible-when you’re out of the office. Not so with a server, says Richard Lyons, president of Lyons Consulting Group, an IT consulting firm based in Chicago. “Mobile workers can gain access remotely to files stored on a server,” he says. “In addition, an Intranet [managed by a server] can insure that every employee has the most recent presentation and sell sheets.”

6. Affording better collaboration-even outside the office.
If you’ve ever tried to get all the members of your sales team in the room for a meeting, you know how difficult, or impossible, it can be. Wouldn’t it be nice if they could collaborate from afar? A server allows them to do that, says David Eisner, president of Dataprise, a Rockville, Md., network support services company. “Using a centralized file server better supports team collaboration and thus can improve overall staff productivity and efficiency,” he says.

7. Make e-mail easier.
Today’s servers allow your employees to access your e-mail from the road, says Paul Banco, a vice president of CiBan, an IT consulting firm in Marlboro, N.J. And unlike the POP3 accounts that you’re likely to use on a peer-to-peer network, the server-managed e-mail accounts are easier to use for remote employees. Accounts are automatically synched and your workers can access their messages from a PC, laptop or mobile device, like a PDA.

8. Stay productive with calendaring and other features.
Having a server means putting applications that were once only available on your desktop, like a calendar, on other mobile devices, according to Russell Frost, a principal at Dataccount Inc., a technology service provider to small businesses based in New York. “Calendaring functionality is available not only in-house, but also one the road,” he says.

So do you need a server? If any of these features seem appealing to you, maybe it’s time to look at making an upgrade from your peer-to-peer network. Experts say servers make sense if you have more than two employees and spend some of the time out of the office.

In the end, though, it comes down to cost. “And it is to the point now,” says Michael Proper, chief executive of DirectPointe, a Lindon, Utah, provider of IT outsourcing solutions, “where there are server solutions with all of the basic services that can be affordable for a small business.”

Small and mid-sized businesses can be the hardest hit by new malicious code, spam, and phishing. Disruptions and down time can be avoided, however, by following the measures outlined in this article.

Introduction

The security landscape is constantly changing, so the threats your business faces today are different from the threats of a year ago – or even six months ago. The latest Symantec Internet Security Threat Report gives an overview of threat activity for the first six months of 2007. Here are a few important trends noted in the Report: (more…)

Don’t stop fortifying against risk.  Four ways to mitigate risk in a tough economy
reprinted with permission from HP

Every business deals with risk. But medium-sized businesses, with smaller IT staff and tighter operating budgets are often more exposed to risk than larger companies. This reality is never more evident than in a down economy: When the repercussions of a business disruption are as grave as they are, how do you insulate your business from risk? (more…)

When (If) we think about data security for our businesses we tend to believe if we have a firewall and antivirus in place we are protected . . . if this were only the case. There are so many other aspects of data security that we have to consider on a day-to-day basis. Here are a few of the most commonly overlooked areas of business data security.

Mobile Devices
Do you have a formal policy for cell phones? Is there a lock feature or PIN they must enter in order to access the phone? What is your action plan if they lose the phone or if it gets stolen? Can you remotely “wipe” the phone through your Exchange server? These are things that need to be considered if your employees are receiving company email or if they keep company and client contacts on their phone. There are many features in exchange 2007 and 2010 to assist with securing or protecting the mobile device. Also, if you have iPhones in your organization we would recommend using the password lock feature. The key is to have a formal procedure and to ensure your staff knows that management needs to be notified immediately if a device is lost or stolen. (more…)

Every business deals with risk. But medium-sized businesses, with smaller IT staff and tighter operating budgets are often more exposed to risk than larger companies. This reality is never more evident than in a down economy: When the repercussions of a business disruption are as grave as they are, how do you insulate your business from risk?

“For mid-sized businesses, the financial impact of business disruptions is tremendous,” said Anil Miglani, senior vice president, AMI-Partners. “We estimate that through security breaches and data loss alone, medium-sized businesses worldwide lost approximately US$4.7 billion in 2008.”

According to strategy consulting firm AMI-Partners, in 2008 medium-sized businesses worldwide lost approximately US$4.7 billion due to security breaches and loss of data. (more…)

The security of your computer and data is crucial for you and the success of your company. Lost or stolen information can reveal company secrets, or expose your confidential or personal information. The more you do to keep your computer secure, the safer your information will be. Use these 10 tips to learn ways you can help protect your computer, your data, and your company’s network. (more…)

Imagine that your business has a make-or-break presentation scheduled today with a prospective client. But after arriving at work this morning, you discovered that key files needed for the meeting are corrupt. The culprit: a virus-infected email message that one of your employees forwarded from the Web last night to everyone in the company.

It may sound like every business’ worst nightmare. But as the use of communications tools such as email and instant messaging (IM) proliferates, it’s a scenario that all businesses must wake up to sooner rather than later. If you’re serious about protecting your business’ intellectual property and other sensitive information, then you need a comprehensive privacy policy that addresses employee use of email and IM. This article will show you how to implement some privacy policy “best practices.”

Assess your risks Few people would doubt that email has revolutionized communications in today’s business world. According to the American Management Association’s 2003 “Email Rules, Policies and Practices” survey, 86 percent of respondents said that email has made them more efficient, while 51 percent said they are much more efficient. Gartner, meanwhile, forecasts that 70 percent of all corporations will use IM this year, and that by 2005 IM will represent 50 percent of all business-to-client communications. (more…)

Regulatory mandates require compliance. Here are some security measures you can take to help your business meet regulations and stay compliant: (more…)

A data breach is when personal information is collected, retained, accessed, used or disclosed in ways which are not in accordance with the provisions of the enterprise’s policies, applicable privacy laws or regulations.

It doesn’t matter if the data in question has been taken from an improperly protected corporate network or from memos which have been tossed in the recycling bin rather than being shredded. If customer information has been disseminated without customer knowledge and consent, then there has been a data breach and in 40 states, the law requires that the company must notify every current and potential customer, employees and vendor of the incident. What constitutes a violation of good data security practice? (more…)