Home
Call us now 0845 241 22 66
Business IT Support, SC Consultants, Chippenham, Wiltshire, SN14
Success


IT Security
SC Consultants
Rowan House
Sheldon Business Park
Chippenham
Wiltshire
SN14 0SQ
0845 241 22 66
 
Add to FavoritesPrint this PageContact Us

"No one can build his security upon the nobleness of another person."  Willa Cather novelist (1873 - 1947)

The phrase 'IT security' is associated with the most common concerns, such as viruses, data theft or malicious attack from the Internet.

Small and medium sized businesses are not normally victims of security attacks, but there are real risks generated from inside and outside of the company's network.

Such attacks can target:
Insecure logons
Devices not protected from viruses
Incorrectly configured or unmanaged Firewalls
Insecure data storage and messaging
Windows security flaws
Software vulnerabilities
Users installing software or visiting websites containing malicious content



SC helps small and medium sized businesses realise their risks through an on-site survey.

SC's Top security tips

  Carry out a ‘brick level’ risk assessment of your entire network, and have a disaster recovery plan in place, should things go wrong.

 
  Ensure everyone logging into our network has a secure password, not one that can be guessed easily.

 
  Secure your network so that only authorized devices can communicate across it; this should be done at the MAC level. Work on the basis of denying all access to all clients on all systems, and then only grant access as required.

 
  Protect your borders by installing a firewall at every possible point of connection. If your network can be seen from the Internet for any reason, such as for website hosting, or if you service XML or EDI queries from suppliers or customers, then you should configure a DMZ to isolate this traffic from your live network to a safe location. Also ensure only essential ports are open on your firewall, e.g. for email and web access etc.

 
  Install anti-virus software on all of your PCs, laptops and servers (make sure it’s up-to-date and daily scans are automated). Install software to detect spam, adware, malware and other malicious / annoying programs that can be installed onto PCs and servers.

 
  Ensure all of your devices have the latest vendor recommended security updates installed (automate this process as much as possible). This not only applies to the obvious server and desktop devices, but also to firewalls and other devices. Check these updates are being deployed correctly to the relevant devices.

 
  Invest in making your operating systems as current as possible. Newer software has fewer flaws / bugs and known ‘back doors’.

 
  Insist all clients have the correct local and network permissions and no more.

 
  Take all users out of the local administrator’s groups on their PCs to prevent them from installing unauthorized applications.

 
  Install a Web filter so you can control your employees’ Internet access and usage, and set up a Security Policy for all employees (in our experience, more damage is caused to systems by internal users than by external hackers).

 
  Deploy a ‘bullet-proof’ backup strategy with regular backups, restore strategies, integrity checking and offsite secure archiving.

 
  Good housekeeping is also necessary. Make sure passwords are strong, secure and safely documented. Disable accounts of employees on holiday or those who have left, and make use of a radius server for remote access authentication wherever possible.