Keep your data safe
Nicholas Alleyne from the Town of Caledon's Information Technology division shares his thoughts about the importance of keeping your data safe.
************
Almost every day over the last few years it seems there is another website hack or leak of information. We usually hear about large business or government, but it happens to small business, too.
Keeping your data and IT infrastructure secure and running is a challenge, no doubt. There is always a trade off: more security often means more work and expense.
Recently, a family member sent me a 15-page article about computer hygiene. For me as an IT professional, the information was great. But the average small business owner, I’m sure, doesn’t have the time or background to deal with such detail.
Finding a middle ground between no security (cheap) and watertight, professional-grade security (not so cheap) is important, particularly when you do not have full-time staff dedicated to security, or in some cases even to IT.
Whenever someone asks me about securing their IT networks and their data, I recommend the following:
- UPDATES
Ensure your computer operating system and the software you run are up to date. Running old, insecure software is normally the easiest way into a network. Having out of date software can leave you vulnerable to "drive by" attacks, where just by browsing websites with malicious advertising your system can be infected with malware. When your software pops up telling you it needs an update, listen. - PASSWORDS
Use a password manager. Most people use the same few passwords. This can cause problems when a website is hacked and your password is stolen. Hackers can then scan the internet trying your password and email address and often will find other places it was used. Using a password manager allows you to only need to remember one strong password. The app will keep track of the rest for you, and even create randomly generated ones when you need a new one. To find out if your email address and/or passwords have been stolen in a known breach, go to https://haveibeenpwned.com/. - BACKUPS
Back up your data. We have all heard this many times, yet many people do not listen until it is too late. I personally recommend using an application that takes your data off site. This could be to a backup location (home is better than nothing), or utilizing a cloud service. The cost may seem like a lot, but it is much cheaper than starting from scratch. - ADMIN
Do not run your user as an administrator on your computer. This one is a little more technical, but the main reason here is it prevents accidental downloading of malware from running amuck on your computer. Create a second account that does not have full access to install applications on your computer, run everything as this user, and when you need to install, or run those other applications, you can utilize your "Admin user".
The above steps will not keep you secure from everything out there, but they go a long way towards ensuring your data stays in your hands only.
Nicholas Alleyne is Supervisor I.T. Operations & Infrastructure at the Town of Caledon.