Secure your computers
Secure your servers
- Keep servers, switches and hubs locked.
- Monitor and limit access to server rooms.
- Consider fire and flood risks as well as theft.
- Keep server rooms cool.
- Ensure server rooms have redundant power supplies.
Server security tips
- Seek expert advice from a trusted supplier.
- Restrict the number of administrator passwords.
- Consider using a hardware firewall for your servers.
- For servers running Microsoft operating systems, run Microsoft Baseline Security Analyzer for security advice.
- As with desktop PCs, servers need a firewall, regular updates and anti-virus software.
- Don't use a server as an employee's workstation.
- Read server reports, such as security logs, and monitor for changes and irregularities.
- Make sure you have a rapid response maintenance contract for any servers you're responsible for.
- Regularly back up server data, keep backup data secure and make it available only to authorised personnel.
- Factor in redundancy in your server setup.
Secure your equipment
Although there are ways to physically protect your laptop or other portable devices, there is no guarantee that they will not be stolen or lost. While the theft itself is frustrating and inconvenient, the loss of information on the device could have serious long-term consequences for your business.
Portable devices are designed to be easily transported and a lot of sensitive business information may be carried around outside the office, for example, sales information or customer data.
Make sure you manage the physical assets themselves as well as the security of the information they contain.
Educating employees about device and information security is critical.
- Create a register of your hardware and software assets:
  - Take note of the brand, make, serial numbers and specifications for your equipment.
  - Include monitors and other portable assets such as printers, scanners, speakers, pointing devices, cameras, mobile phones and storage media.
  - Record the name, version number and product keys for your software.
  - Keep this register in a secure location.
- Lock portable equipment that is not in daily use in a secure cabinet.
- Create a register for staff to sign out equipment. When staff sign out equipment, remind them of relevant security procedures and obligations. Audit your register monthly to ensure equipment has either been returned or is still on loan.
- Mobile devices such as laptops, tablets and mobile phones should be encrypted and secured with a password. Software is available to encrypt the hard drives of desktop computers to stop them being accessed if they are stolen.
- Ensure that staff do not write down passwords and keep them with the devices.
Secure your information
Encryption is the conversion of data into a secret code for transmission over the internet. By encrypting files, you ensure that unauthorised people cannot view data even if they can physically access it. Commercial products are available to encrypt information on your network.
There may be a business case to purchase this software to protect sensitive information such as your intellectual property and pricing policies. You may also want to consider options for full disk encryption, which prevents a thief from even starting your laptop without a password.
Establish an action plan
Establish a set of actions to take if business equipment is lost or stolen, and communicate them to your staff. These could include:
- maintaining a list of serial numbers of business equipment
- changing all passwords for online accounts previously accessed using the stolen device
- advising your bank and/or cancelling the card if a credit card or other information was recorded on the device
- reporting the loss to police and your insurance company as soon as possible.
A firewall is a piece of software or hardware that sits between your computer and the internet and acts as the gatekeeper for all incoming and outgoing traffic. Firewalls can keep hackers out of your device and inhibit the activities of malware and viruses.
A correctly configured firewall will prompt you when it detects an unauthorised computer or program trying to access your computer, or when a software program installed on your computer tries to make an unauthorised outside connection.
Types of firewalls
Both hardware firewalls and application firewalls have user settings which can be changed to create the best compromise between security and convenience. More stringent settings provide greater security, but may interfere with some applications, for example online games, email or VoIP.
For more information and guidance on firewall settings, search the internet or the website of your operating system provider.
Remotely accessing your network
Accessing the office while travelling can provide increased productivity and flexibility. However, it is important to ensure your equipment and connection are secure so that your network isn't vulnerable and your business information isn't exposed.
You need to secure access so that only legitimate users can access your network, and encrypt your data to prevent theft.
Securing remote access requires a degree of technical knowledge. If remote access is an important part of your business, and you transmit sensitive business information, it may be worth investing in specialist advice from a computer expert.
Secure your network
- Ensure that you have a secure network, including an effective firewall and security software installed to keep out unwanted connections.
- Ensure installation of remote access clients and other software is restricted to staff responsible for network security. They will control which programs are used and ensure they are installed correctly.
- If you allow staff to connect using personal equipment, including personal home computers, ensure they have up-to-date security software installed and are educated about the risks.
Secure your remote access
Before you implement remote access for your business, conduct a risk assessment. Identify risks and the controls needed to reduce risks to an acceptable level. You may also assess risk for individual staff, taking into account their specific circumstances, including where they will use the access (home or travelling, from a work or home PC) and whether anyone else will be using the computer (including family members).
- Restrict access to the minimum services and functions necessary for staff to carry out their role.
- Ensure that all staff use strong passwords on their mobile devices.
- Make sure that staff using laptops do not set their computer to log in automatically and that they don't store their password on their laptop.
- Use strong authentication that requires both a password and a token or other second factor (two-factor authentication).
- Delete staff remote access privileges once they are not needed. For example, do not let someone who has left the company retain access to your network.
In order to protect sensitive information you may choose to restrict the type of data that can be accessed remotely. You should use Virtual Private Network (VPN) software which provides a high level of encryption to access your network remotely.
Review firewall and other server logs to monitor remote access and watch for unusual activity.
Where to get help
| You are experiencing difficulties connecting to the internet | Your internet service provider. |
| You suspect your device has been infected with a virus or malware and a full system scan has not resolved the issue | |
| You are looking for more information on securing your desktop or laptop computer | |
| Information on recent threats | Sign up to the free Stay Smart Online Alert Service. |
A full list of useful contacts can be found on the Contact us page.