Next to your people, your company’s data is your most valuable asset. Did you know that, according to industry statistics, 80 percent of organizations that experience a loss of data are forced to shut down within 18 months of the incident? In the world of IT, we’re well aware of this constant threat and its ramifications. Protecting businesses, schools’ and governments’ networks from data loss and both internal and external threats is a staple of what we do for our clients. While there is no silver-bullet that eliminates all threats, provisions can be taken to significantly reduce the risk of a security incident. People should also be aware that not all data loss incidents have to do with security breaches. There are many cases where data can be lost due to malpractice or employee error. All it takes is for a one of several common slip-ups to occur and without a proper backup system in place, your data is lost. Even if you do not choose Source One Solutions as your IT provider, please remember to implement a comprehensive data security solution for your business with another qualified IT provider. Here is a list of our most common cyber security services and best practices.
• Link Security- such as Email, Links, Attachments, Pop-Ups spamming, phishing, executables, DNS recognition, Web Content Filter
• Unknown Devices –preventing or tracking systems to monitor students and staff when they use “their” own Laptops, Tablets, Phones, USB keys, peripherals, etc
• Physical Access Protection – Only authorized staff have access to equipment locations.
• Keeping equipment and software Current – Security breaches can happen due to out dated tech (firmware, updates, revisions), make sure policies are in place to patch all IT equipment on a regular schedule
• User Error – Need to know basis, meaning make sure only authorized staff have access to sensitive info (standardized exams, health records, grades, SSN, incomes, etc)
• Active Data Backup – Backups that run multiple times a day, in addition to nightly backups, running IOS configurations for Routers, Firewalls, and switches, all stored in secure place on and off-site.
• Application Security – Sharing is easy, make sure level of access is in place.
• Centralized Password protected file storage – Make sure all files are stored centrally on protected servers/NAS. Furthermore, password protect sensitive documents
• Training & Education – Train students and staff on the IT policies in place, why they are in place, and how they protect them from cyber-attacks.
• Disaster Recovery Plans – Have a plan in place in the event a breach or cyber-attack occurs and test it on a routine basis. Have run books in place to assist in the steps needed to restore IT infrastructure back to normal operations and decreases the stress/pressure on those doing the recovery of data.
• Network Segregation – Separate Staff network from student networks. Have students use Guest/Student-WIFI for classrooms and have staff share files with them. This mitigates the risk of a student accidently (or maliciously) targeting sensitive networks/servers
• Communication – Provide staff & students with alerts regarding cyber-attacks. There’s nothing wrong with over-communicating threats and how “people are the front-line” in cyber-security attacks.