By Rich Kenney, Vice President, TechSolutions
Just as a doctor gets asked about that nagging pain during normal conversation at a dinner party or other social event, IT professionals similarly are asked about what to do for slow computers or about suggestions to make an IT environment more secure. So as a means to field some of those questions through a public forum instead of individually, I have compiled a list of 7 things you can do to keep your digital assets running in top form and in a secure manner.
1) Ensure You Are Running A Proper Antivirus Solution – With new virus threats being released daily, security has become a top priority for many businesses. Antivirus software on a PC is an absolute must. While it will not protect against all bad things out there, you are leaving yourself with a serious security risk by not having one installed. In a business environment, the antivirus software should be part of an enterprise solution so that all devices can be managed through a single pane of glass. Through that single interface, an administrator can check for current definitions, setup regularly scheduled scans and even give the command for all computers to immediately run virus scans. Enterprise level AV software is a necessity for all businesses with more than 3 or 4 computers in the mix.
2) Disable Unnecessary Startup Programs – Throughout the life of a computer, applications get installed and then forgotten about. Many times, an application will set itself or one of its components to automatically start with a reboot of your computer. Over time, this can result in slowing down a computer because of an unnecessary use of resources. Periodically, you should take the proactive step to view what is automatically happening each time you power on your computer and remove the programs that just don’t belong. If you are uncertain as to whether a particular program should be removed or not, do an internet search to investigate what it is doing and why it is starting automatically. If your search does not provide a conclusive answer then it would be best to leave the program alone. Microsoft has included a utility with each of its operating systems called “MSConfig” that allows you to see all of the auto-start apps. In addition, there are some free 3rd party programs that are a bit more useful than MSConfig such as CCleaner and Glary Utilities. In my opinion, both of these 3rd party programs are more intuitive and easier to use than MSConfig.
3) Physically Clean Devices – Depending on your environment and surroundings, the inside of computer towers can sometimes accumulate ½ inch of dust on the circuitry components. The most common issue with dusty components is overheating which leads to hardware failure. As a yearly ritual, you should remove the cover, take the tower outside and use a can of compressed air to blow out the dust from the circuitry. Compressed air cans are also useful in removing crumbs and other particulates from keyboards.
4) Keep Operating Systems and 3rd Party Apps Up To Date – On a weekly basis, you should ensure that your computers are being kept current on Windows Updates (or OS X updates for MACs). This is a very simple process that will ensure that known security vulnerabilities are being addressed as well as help keep your computer running at peak performance. Along those same lines, outdated 3rd party applications such as Acrobat, Java, and Flash can present even more security vulnerabilities than not keeping Windows up to date. Many 3rd party apps will download updates themselves, but will rely on the end user to install the updates, whereas others will rely on the end user for the entire process.
5) Think Before You Click – End users are the weakest link in the digital security chain. It is imperative that businesses see this issue as a priority and address it. Implementing tighter security controls such as a web content filter, instituting strong passwords, creating written internet usage policies, and training end users to recognize malicious emails would be critical steps to help strengthen this weakest link. Viruses and phishing schemes typically rely on the end user to fall into a trap to deliver their payload. Many times, that trap comes in the form of a hyperlink sent in an email or as an attachment to an email. Once you click the hyperlink or open the attachment, the deed has been done and you have been compromised (regardless of which antivirus software is installed). If something seems fishy in an email even from someone you know, consider it bad. Look for clues such as poor grammar or an email referencing something out-of-the-blue like a document, money or contract that you are hearing about for the first time. You can always check with the sender for an explanation.
6) Update Your Business Continuity Plan – As an IT professional, I am always surprised when I come across a potential new client who has no idea IF the data on the network is being backed up … or WHEN the data on the network is being backed up … or HOW the data on the network is being backed up. Not having at least two copies of your data is as dangerous for a business as driving in a NASCAR race going 200 MPH with no seat belt or helmet would be for Kyle Busch. Without two copies of your data, all it would take is one hard drive to die, or one user to get the wrong virus, or countless other scenarios and your critical business data is gone forever. Some methods of backing up your data are cheaper than others. Be sure that the method you opt to implement for your business is reliable and able to get you back up in running in an acceptable amount of time because downtime is costly. If you count downtime in dollars, what would the true cost of being down for an entire day be? How about an entire week? You should know the anticipated downtime if a full restore of your data was required.
The primary focus of this item is to ensure that you have a good, working and regularly tested backup of your data, but there is more to recovering from a major event than just having a good backup. You also need to have a plan, preferably a written plan that identifies everything that needs done when a crisis occurs. It needs to address your servers, your workstations, your phones, your office space, your website, your clients … and the list goes on and on. This is called a Business Continuity Plan or a Disaster Recovery Plan and all well-prepared businesses should have one in place.
7) Implement Two Factor Authentication – Nowadays, most businesses offer some sort of remote access to their employees. Offering remote access to your employees presents a security risk to your network and the data contained on it. Remote access is akin to leaving a door open to your house, but needing to pass a “test” to get through the door and into the house. Two factor authentication (2FA) increases security by requiring the remote user to pass a second test in order to get connected. With 2FA, not only will you have to pass the first test by providing your standard username and password but in order to pass the second test something else has to happen as well. Examples of that second test include being required to input a randomly generated 6 digit code that changes every 30 seconds read from a device on your keyring or pressing the “Approve” button on your smartphone. There are many different 2FA vendors out there and each has a different method of validation, but the underlying similarity is that having the additional authentication method in place significantly improves your digital security.
These are just a few things you can do as we start a new year to keep your computing assets protected and in top shape. The bottom line is to take a proactive approach so you can avoid or at least minimize problems that cost downtime and unnecessary expenses. If you need help with any of these or you feel as though your business could benefit from a consultation, please feel free to contact us.