Stay secure on a budget

Whether you have several employees and run a network of computers or are a sole trader using only one PC, you need to protect your systems from threats such as IT viruses, hacking and data loss

Imagine the impact it would have if your business’s identity was stolen, your IP address was used to download illegal material or fire destroyed all your data.

Your firm could suffer financial loss and reputation damage, or even find itself on the wrong side of the law if personal data protected under the Data Protection Act was compromised.

Turning to an IT supplier may not be an option if money is tight, but fortunately much can be done on a budget to keep your systems safe.

IT risk assessment

Start by assessing the particular IT risks facing your business. Then you can devise and implement a strategy for minimising them in an IT protection plan. Risks to your business may come from online activity; unauthorised access; or hardware damage, loss or theft.

A firewall should be your first line of protection from dangers such as hackers and fraudsters. Ensure yours is enabled.

However, you also need software to protect you against viruses, which can delete and damage files and programs, and spyware, which can monitor your online usage or grab your data. Most free anti-virus and anti-spyware software is for personal use, but commercial software from a reputable supplier need not be expensive. Ensure it provides frequent updates and use it to regularly run full system scans.

IT security basics

Other security basics cost nothing. For example, be cautious about opening email attachments from unknown sources and going to web links from emails whose origins are dubious. You should also take care about which sites you download software from and be alert to ‘phishing’ (where fraudsters try to obtain personal information from you). Never access your confidential information in a public wireless hotspot.

If you are emailing an important document, use open source Zip software to send it securely. This enables you to password protect the document. Ensure you send the password to open the document separately.

Access to your computers, as well as different areas of your system, should also all be password protected. The passwords should not be obvious, and you need to change them frequently. Make sure your staff have access to no more of your system than they need to do their jobs.

Staff IT training

Importantly, staff need training in good IT practice. They should, for example, be aware of the dangers of plugging their own mobile devices into your system unless the devices have been scanned for viruses. You should also control what your staff can download and ensure that any files are scanned before being downloaded. A clear set of IT policies outlining what is and isn't allowed can help clarify your expectations and hopefully eliminate any risks caused by employees' use of your IT systems.

IT risks don’t only come from those with malicious intent. All businesses are vulnerable to the unexpected, for example fire, flood or hardware failure. You need to make regular backups of all your files and hold one in a secure off-site location.

Finally, update your operating system and software regularly, by downloading the latest patches. This will help ensure you continue to run at optimum efficiency – which is particularly important in hard economic times. And it will cost you nothing.

More on this topic: