Small businesses should 'layer' their security

Home

Members

Services

News & Info

Entertainment

Help

Content Starts Here

Small businesses should 'layer' their security

As most seasoned mountain climbers know, the key to keeping warm in subzero temperatures is to put multiple layers of insulation between themselves and Mother Nature.

To help protect your company's data, you should take cues from the climbers. Instead of looking for a magic formula, you should approach data security from the perspective of layers or building blocks. Each safeguard you can place between malicious online threats and your company's data will provide another layer of security for the lifeblood of your business: information. The layers - or building blocks - that all small businesses should consider are:

Physical security
User security
System security
Network security

Following are some key considerations for these building blocks.

Building block 1: Physical security

When a notebook turns up missing, a desktop is stolen or a handheld is lost, the information stored on the devices goes right along with it. For many small businesses, the cost of losing that data can be far more devastating than the replacement costs of the devices. Small businesses whose employees spend most of their time out of the office, where wireless devices are more vulnerable to loss or theft, can be especially impacted and should be sure to have a protection plan as it relates to physical security.

Physical security includes cable locks and asset tagging, as well as recovery services (such as ComputraceComplete1 from Absolute Software) that are designed to protect your PCs and the data they contain from theft and unauthorized access. Products like those offered by Computrace also can help you remotely track PC configurations and usage.

Building block 2: User security

As a small business owner, you should consider your company's data in much the same way you consider your personal property: You have things you don't mind sharing with people you know and other stuff that nobody touches but you.

That's the way you should set up your systems. And with user authorization protocols and software, you can. The first thing to do is to set up your systems so that only authorized users - your employees and, in some cases, your customers - can access the information you want to share with them. The next step is to make sure your employees can readily access information they need in order to do their work efficiently, but are restricted from accessing sensitive company information.

To meet these steps - user authentication, password and encryption technology offer the best solution:

Look for systems that support BIOS-level passwords that require user authentication even before the operating system loads. All DellTM business systems do this

Consider using Smart Card technology to restrict/allow access to your systems. This is standard equipment on all D-family Dell Latitude notebooks

Biometric solutions (such as fingerprint identification) offer even greater levels of user authentication

Encryption software - which scrambles data in such a way that it becomes useless to any unauthorized person who accesses it - helps to keep hackers and other malicious intruders at arms length

Another important user security precaution is instituting an e-mail and Internet security policy. By getting each employee on the same page about security, you'll be less likely to experience security problems

Building block 3: System security

More than any other device on your network, the individual PC is the Achilles heel in terms of vulnerability because it's the favored point-of-entry for some of the most common security threats. And the "work-anywhere workforce" enabled by wireless technologies heightens your security challenge. That's why installing and keeping a current version of security software on all your employees' computers is a necessary first step to system security. This software helps protect against viruses, worms, spyware, and other threats that are transmitted over the Internet, as well as files imported from USB keys, instant messaging and other means. Another smart step is to set up your IT structure in a way that enables you to view and manage all of your company's computers from one central location. This step, which you can achieve by using solutions such as Dell's OpenManage Network Manager, will add confidence that all your PCs have the same level of protection.

Dell also helps small businesses protect their systems from unauthorized access, control and damage with a more secure or "hardened" operating system configuration. This service involves more than 50 factory-activated security settings within the operating system designed to meet security benchmarks established by the Center for Internet Security. Another important area that small businesses would prefer to avoid - but definitely need to consider - is hard drive failures. Specifically, you need to consider what will happen to your data - and how you want to manage it - in the event of a fatal hard drive crash. To that end, Dell offers a "Keep your hard drive" service that helps small businesses stay in control of important data. Under this program, if a hard drive covered by your Dell limited warranty fails, you can keep the defective hard drive that's being replaced by Dell, helping you protect sensitive, classified or proprietary information.

Building block 4: Network security

Without a doubt, network technology drives small business productivity and success. But it also increases vulnerability to security threats. Fortunately, a wide range of technologies in the marketplace today are designed specifically to help small businesses keep your networks safe and secure:

Firewalls: A firewall is a protective barrier that prevents unwanted access to or from your company network. The firewall scans all traffic passing in and out of your network and blocks unauthorized messages, intruders and viruses
VPN Protection: A virtual private network (VPN) is a cost effective solution for employees at small businesses to connect securely to their respective business networks from remote locations, and communicate confidentially with each other across shared or public networks like the Internet. Leading technology vendors offer VPN and Intrusion Protection/Packet inspection to help ensure that VPN connections are secure
Encryption: When buying network technology, small businesses should seek out those vendors who provide hardware support for WPA2, a sophisticated encryption protocol and part of the 802.11 industry standard for networks. WPA2, which comes standard on select Dell Latitude notebooks, is designed to eliminate the weaknesses found in previous encryption protocols
Cisco Compatible Extensions Program: Because the vast majority of wireless networks come in touch with Cisco Systems technologies, small businesses should consider using wireless equipment manufactured by the Cisco Compatible Extensions Program, which is designed to ensure that wireless solutions deliver tested and certified compatibility with the latest Cisco wireless infrastructure hardware and security technology. Dell is a founding member of the program