PC Security Plan

Without an internal PC security plan at your business, all of the files on your company PC’s could be available for anyone in your office to see. That could include strategic documents, financial files, and employee records.

That should not be the case, yet business owners fail to devise such a plan, and end up paying the consequences. Not only is their business information at risk, but they also threaten confidentiality pledges made to employees and customers.

You must have a formal PC security plan that is simple to understand and one that employees can support and help to enforce.

Here are five basics that should be part of your PC security plan.

1. Use password protection. Protecting files with passwords ensures that only authorized users can open a data file. Your operating system most likely has a built in password protection system and most software applications — including Microsoft Office — let you password protect files and folders.



2. Choose creative passwords. Your spouse's, child's or dog's name should be off-limits as passwords. The reason: People in the office know them and could guess that they may be your password. The same rule applies to birthdates, street addresses, favorite bands or singers, and other terms or words that people are likely to associate with you. Also, keep in mind that it is harder to crack a password that is made up of a mixture of numbers and letters in upper and lower case, as well as one that is changed frequently. Facilitate use of passwords by providing instructions to everyone in your company on how to create passwords, when to change them and how to protect files and folders.




3. Use encryption. One way to protect the valuable information on your business PCs is to encrypt data. Encryption software turns data into a string of gibberish that you need the correct software key to decipher. Encryption software is commonly used to limit access to highly confidential files such as financial and customer lists, to safeguard laptop PCs that will be used outside of the office, and top secret e-mails.



4. Never leave data unattended. Something as simple as encouraging your staff to close files before leaving their desks can limit PC security risks. Without this precaution in place, a break for lunch can leave PC files open to anyone who passes by. Support PC security by imposing rules that require staff to close all documents while not in use.




5. Limit laptop breaches. The use of laptop PC’s enhances productivity, but it also threatens your business' security if proper precautions are not taken. Encourage all remote workers to keep security in mind outside of the office by using small fonts when working on confidential documents in public places such as coffee shops and planes. If your staff members use public technology resources such as those found at Kinko's, show them how to ensure that documents remain on their laptop hard drives, rather than on the resource's computers. Encryption can also protect laptop computers that are used outside of an office. If encryption software is in active use on a stolen unit, the thief will not be able to read documents stored on it.

Network Security Plan

While the breach of a single PC can be a problem, unauthorized access to your network, with the complete spectrum of files and information, has the potential to be catastrophic. All your confidential information is vulnerable.

This may sound alarmist, but one breach of your network and you will wish you had taken these simple steps to protect your network.

1. Establish network passwords. Network passwords are similar to PC passwords in that they prompt users to input a confidential code each time a computer turns on and tries to connect to the network. Encourage creative passwords.



2. Create Firewalls. A firewall establishes a protective layer between the outside world and your network, to prevent access by anyone who does not use the proper log-in information. Firewalls can be comprised of software or software and hardware combinations, and function by denying access to unauthorized users. Incorrect installation of firewall software is common and leads to security breaches. It would be advisable to use a professional to ensure yours is installed correctly.



3. Use access authentication. Access authentication software works with your firewall to check the identity of anyone who tries to access your network. Based on this verification, access is granted to designated parts of the network, enabling you to control who accesses which parts of your server.



4. Encrypt your network. Like encryption software for PCs, network encryption prevents anyone who doesn’t hold a “code” from accessing documents. Network encryption provides security at the network level by coding all data that is sent between two or more parties that have access to or make use of the network.

Whether for PCs or networks, a defined formal security plan is a must for all businesses.