PC Security
Getting virus protection software
Prevent virus infections on your IT systems by installing anti-virus and email spam filter software.
Whichever Internet Security software you choose, it should be installed on every single computer you have, including networked computers. The software should be set up to run in the background AND to automatically retrieve updates online.
Email safety
Never open email attachments from people you don’t know. If necessary phone and check with the sender first. If there’s no phone number there’s a good chance it’s a bogus email. Some popular scams can catch out even the most wary – frequent ones are from the well known banks (even though you don’t have an account with them), apparent email delivery failures or even warnings about viruses. Delete these messages straight away and NEVER reply to a suspicious mail – it will only confirm to the sender that your email address is valid and that you read the mail going to it.
Setting up a firewall
Firewalls protect your local network from unwanted visitors by screening out unrecognised or unauthorised communication. Choose between a hardware firewall, often an integral part of your router, or a software firewall.
Keeping your systems software up-to-date
To protect yourself from new and ever more sophisticated threats make sure you download Microsoft updates and patches as soon as they’re available. Check www.windowsupdate.com and www.officeupdate.com.
Password security
Use passwords that are not easy to guess: you’d be surprised how many organisations’ website or confidential information is sitting behind passwords such as ‘admin’ or ‘password’.
Examples of 'bad' or 'weak' passwords
- 'admin' or 'password'
- your real name, system username or company name
- any password you write on a piece of paper and leave next to your PC
- a password known by someone else
- obvious alterations such as jane1, jane2, jane3 when you change your password
Examples of 'good' or 'strong' passwords
- One that’s changed every few months
- One that is at least seven characters
- One that is a combination of letters and numbers or even symbols, if your system allows
- One that you can remember without writing it down
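The rules in the two lists above can be checked automatically when a password is set. This is an added example, not part of the original page; the function and parameter names are hypothetical, and the sample passwords in the test are constructed.

```python
import re

# Rules taken from the page's 'weak' and 'strong' lists; names are hypothetical.
COMMON = {"admin", "password"}
MIN_LENGTH = 7


def _stem(password):
    """Lower-case the password and strip trailing digits (jane1 -> jane)."""
    return re.sub(r"\d+$", "", password.lower())


def weaknesses(password, personal_names=(), previous=None):
    """Return the reasons a password fails the guidance (empty list = passes)."""
    problems = []
    lowered = password.lower()
    if lowered in COMMON:
        problems.append("common password")
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    # 'Combination of letters and numbers or even symbols'
    has_letter = any(c.isalpha() for c in password)
    has_other = any(not c.isalpha() for c in password)
    if not (has_letter and has_other):
        problems.append("not a mix of letters and numbers or symbols")
    # Real name, system username or company name appearing in the password
    for name in personal_names:
        if name and name.lower() in lowered:
            problems.append("contains name: " + name)
    # jane1 -> jane2 style change: same text once trailing digits are removed
    if previous is not None and _stem(password) == _stem(previous):
        problems.append("obvious alteration of previous password")
    return problems
```

The checks that cannot be automated (a password written on paper, or known by someone else) still depend on staff awareness.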
Network security
Connecting remote users securely
Ensure you make full use of encryption and authentication technologies when allowing users to connect remotely. Take advice from your supplier.
Locking down wireless networks
Take advice from your supplier but ask specifically about using access points rather than ad-hoc peer-to-peer networking, and restricting wireless access to normal office hours.
Keeping your data secure
Back up all your data regularly, and make it company policy to store whatever device you've got your backed-up data on in a different location to your PC. Business critical information should be stored off-site wherever possible.
Depending on the amount of data and users you have, you could use simple DVD backup, an external hard drive or you can use a basic storage area network which will allow multiple systems to use a single backup device to store all data. Alternatively you could consider using an on-line backup service provider but you should make checks to ensure the security of your data.
Whichever backup method you use you should test it regularly to ensure it is accurate and accessible. It’s also sensible to run through the process of restoring your data from the backup once or twice, just so you know how to do it should you be unlucky enough to need to do it for real.
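One way to test that a backup is accurate is to restore it to a spare folder and compare every file against the live data by checksum. This is an added example, not part of the original page; the function names are hypothetical and the two folder paths are supplied by whoever runs the test restore.

```python
import hashlib
import os


def _digests(root):
    """Map each file's path relative to root to its SHA-256 digest."""
    result = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            h = hashlib.sha256()
            with open(path, "rb") as fh:
                # Read in chunks so large files do not fill memory
                for chunk in iter(lambda: fh.read(65536), b""):
                    h.update(chunk)
            result[os.path.relpath(path, root)] = h.hexdigest()
    return result


def verify_restore(original_dir, restored_dir):
    """Compare a test restore against the live data.

    Returns (missing, changed): files absent from the restore, and files
    whose content differs from the original.
    """
    original = _digests(original_dir)
    restored = _digests(restored_dir)
    missing = sorted(p for p in original if p not in restored)
    changed = sorted(p for p in original
                     if p in restored and original[p] != restored[p])
    return missing, changed
```

Files edited since the backup was taken will also show up as changed, so run the comparison straight after a backup or review the list by hand.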
Securing your premises
- Use all available means to prevent unauthorised access to your office computers: locks, alarms, lockable cabinets, asset tagging, and accompany all visitors all of the time
- log serial numbers of all equipment
- regularly review who has internal access to highly sensitive areas such as machine rooms or HR information
- lock doors and set alarms at the end of the working day
- test alarms regularly
- take care with sensitive documents and don’t leave them on desks or printers
- educate staff to be aware of these risks
Keeping your laptop secure
- keep the laptop in a padded bag and keep with you at all times, even when travelling
- consider purchasing cable locks to physically lock it to fixed equipment whilst in an office
- note the serial number
- security mark it
- change the default factory password as soon as possible
- If possible use a BIOS password and disable booting from a floppy disc or CD (see the manual for instructions)
- Use Microsoft Windows XP’s encrypted file system to secure confidential files. This makes it difficult for unauthorised users to open the files should your laptop fall into the wrong hands.
Information security protects information held by organisations from a wide range of threats to ensure business continuity, minimise business damage and maximise return on investment and business opportunities. Use the British Standards Institution's standards on Information Security as a reference.