You wouldn’t leave your office door open when you finish work for the night, so why would you not make every effort to keep your business safe online as well? Many startups will be developing new technology or products that are naturally market-sensitive, and that could be of some value to unscrupulous outsiders. Protecting your intellectual property is a must, which means it’s vital to safeguard your IT network at every step, just as you would take physical precautions through things such as a burglar alarm.
Here’s how to go about it:
Remember that your website can be hacked and used as an entry-point into your network, so you must take adequate protection. One of the biggest threats out there currently, and one that is consistently generating headlines, is DDoS attacks. These are often used as a distraction while hackers root out sensitive information. While a determined attack is very difficult to resist, if you are worried about being targeted then consider cloud web hosting services – the host may have the bandwidth to cope.
Take a proactive approach to the health of your network. A good place to start is by developing a clear picture of exactly what devices and applications are currently on it, and removing any which shouldn’t be. Keep up-to-date on IT threats, and insist on patches being installed immediately to software as soon as they are issued.
You should have the very best firewall you can afford between your network and the internet. All PCs, laptops and smart devices should have their own firewall installed too, as well as software that will keep out viruses, malware or spyware without impairing performance. Every device that is used by staff for business purposes, whether in the office or on the road, ought to be secured.
While most of your employees are going to be at least aware of the common types of threats out there, they may not know exactly how they should be dealt with, and anyway these threats are constantly evolving. Regular training on different types of email scams, and the dangers of clicking on apparently-innocent links, should be provided. Don’t neglect social media either – hackers can exploit what your staff may consider to be innocuous information on their profiles.
You should be backing up all of your data at least once a day, preferably onto a removable hard-drive. This reduces the risk of data loss, which can be disastrous to company reputation as well as profits. The danger is not just from hacking but from physical threats such as fire or flood damaging your servers. If you are storing a lot of information, or data that is particularly sensitive, then you may even want to consider outsourcing management of it to a third-party data centre.
Any data that you would not wish to be in someone else’s hands should be fully-encrypted and, if possible, kept in separate locations – different parts of the network, different servers. Like keeping customer names and bank details in separate filing cabinets – it doesn’t make it completely safe, but it just makes a hacker’s job that bit more difficult and gives you a better chance of staying safe.
A good password is the first line of defence (or second, behind a solid firewall), but it’s strange how many people still seem to neglect it. You should have a system in place where all staff, from management down, are forced to create secure, strong passwords using lower and upper case letters and numerals, and to change them regularly.
Either adequately fund and staff your IT department, so that they are able to counter security threats proactively and effectively, or look at outsourcing some or all of your IT to a third-party.