The first step to protecting a network is the use of a network firewall.  If information moving over the Internet is a bit like cars traveling on the highway, a firewall is like a roadblock that stops certain types of information.  The firewall stops the bad guys, and
can help protect a network from certain kinds of viruses, called “worms”.  The recent Sasser virus is an example of a worm that is stopped by firewalls.

 

Firewalls are often built in to other network devices, such as Internet Gateways, devices that allow multiple computers to share a single fast Internet connection.  A suitable firewall can be purchased for as little as $100.  Firewalls are also typically included in Wireless Routers, devices that allow computers to work together using radio signals. Although the firewalls in wireless devices are generally secure, wireless networks have special security needs.  For businesses using wireless networking, I recommend the use of WPA, or at least WEP, both of which encrypt the radio signals to prevent casual hackers from stealing data and Internet connections.  Consult with a security professional for more information on how to secure a wireless network.

For most companies, the biggest threat to information resources does not come from outside, via viruses or hackers, but rather from inside, in the form of disgruntled employees or simple human error.  As much as 85% of all security incidents come from internal sources.  Companies need to have appropriate internal security, such as user
permissions, good passwords, and monitoring, to ensure that important information is protected from all threats.

One of the most important things a company can do to limit the damage that can be done by viruses, hackers, accidents or disasters to make good, regular backups of all important information.  There are a number of easy ways to make backups.  It is also important to
keep a copy of the most recent backup someplace safe and away from the business location.  In case of a fire at a company, this backup can be retrieved, and the company can be back in business much faster.

As an additional impetus to implement good security, recent federal laws such as HIPAA, Sarbannes-Oxley, and others require the protection of customer information, financial records and private employee information.  Failing to protect this information can result
in fines and even jail time for certain types of company executives.  A competent security expert can help a business understand which laws affect the company, and how to meet the requirements of those laws.
Good planning, designating a security expert, and implementing reasonable protection can keep a business functioning even when the technology fails.  Training employees and helping them to make good decisions is a powerful prevention tool for protecting
computers and networks.  Developing effective policies and procedures can help employees to understand how to use technology safely.  Making good backups can help a company recover quickly and easily when the worst-case scenario does happen. Implementing all of these things is a major step towards compliance with federal laws.