May 1, 2007

Security...Need You Be Reminded Again?

I think not. However, the the National Cyber Security Alliance, a central clearinghouse for cyber security awareness and education for home users, small businesses, and the education community thinks you should be reminded.

NCSA is a public-private partnership and sponsored by the Department of Homeland Security, Federal Trade Commission and many private-sector corporations and organizations and offers the following tips to stay secure:

Ensure that all employees use effective passwords, and when possible, stronger authentication technology.

Encourage passwords that are comprised of different upper and lower case letters characters, and change them every 60 to 70 days (not to exceed 90 days). For a more secure and reliable way to authenticate users and prevent hackers from stealing passwords, you may consider implementing some sort of multi-factor or strong authentication.

Protect your systems.

Install and use anti-virus programs, anti-spyware programs and firewalls on all computers in your business.

Keep all software up-to-date.

Ensure that all computer software is up -to -date and contains the most recent patches (i.e., operating system, anti-virus, anti-spyware, anti-adware, firewall and office automation software). Most security and operating systems contain automatic updatesómake sure that function is turned on and sign up for security notifications from the software company.

Create backups.

Make regular (weekly) back-up copies of all of your important data/information. Store a secured copy away from your office location and use encryption to protect any sensitive information about your company and customers. Regularly creating back-ups better ensures that your critical data is not lost in the event of a cyber attack or physical incident, like a fire or flood.

Be prepared for emergencies.

Create a contingency plan for your business so you can recover if you experience an emergency. Include plans to continue business operations at an alternate location when necessary. Test your plan annually. For more information on how to develop a business plan to prepare for an emergency go here.

Encrypt your customers' data.

Protect your customers' data from hackers and thieves by using encryption programs that encode data or make it unreadable, until you enter a password or encryption key. Some encryption programs are built into popular financial and database software and some broadband providers now include encryption for wireless networks as a part of their service.

Report Internet Crime

Locate and join an organization of your peers for information sharing purposes. If you suspect fraud or criminal intent, report it to the local law enforcement agencies, the local Federal Bureau of Investigation, Secret Service, or State Attorney General's offices. Moreover, some states require you to notify your customers if hackers or thieves steal or could have stolen your customers' unencrypted personal information, including data residing on a computer stolen in the offline world. Check your state laws to see if this rule applies to your incident. To find out more information on how to report a cyber security incident, go to https://forms.us-cert.gov/report/ or http://www.ic3.gov/complaint/

0 comments