2. Perform Off-Site Backups
Small businesses have basically two approaches to choose from in doing backups: One is to copy critical data to a series of external hard drives and periodically rotate them from your office to a remote location (such as a bank safe deposit box). The other is to use one of a number of online backup service providers such as Box.net, Symantec Online Backup, Carbonite, or Mozy that offer low cost gigabyte-level storage. Big IT typically uses off-site tape storage because of the quantity of the data involved, but for smaller outfits, online services are less expensive and more convenient.
The trick with either method is to use them religiously, and to ensure that all of your data is copied on a regular basis. The online backup option could be especially handy in more than one way: Earlier this year, Damian Zikakis, a headhunter, had his laptop stolen when someone broke into his offices. He replaced it a few days later; and because he had used Mozy, he thought that he was covered in terms of being able to bring back his files from the Internet backup.
When Zikakis had a moment to examine the layout of his new machine, he "found several incriminating files. The individuals who had my computer did not realize that the Mozy client was installed and running in the background. They had also used PhotoBooth to take pictures of themselves and had downloaded a mobile phone bill that had their name on it," he says.
Zikakis did a bit of head hunting on his own and contacted the appropriate police department with this information. They were able to recover his computer, and now have the task of figuring out who actually took the laptop originally and what law enforcement options to pursue.
3. Use Hardware to Secure Your Internet Connection
SMBs often are not as attentive to the security of their Internet connection as they should be, and the results of such neglect could be disastrous. Last year, hackers compromised the point of sale system (POS) of clothing designer firm Nanette Lepore. The hackers managed to reconfigure the outdated firewalls and sold some stolen credit card numbers from the company's high-end clientele.
This happened because the company's chain of retail stores had little or no security measures or proper procedures. "All of our store clerks were using the same password to access the POS," says Jose Cruz, Nanette Lepore's network manager. "It was wide open. No one had ever thought to change passwords periodically, or even use different ones for each user. Prior to my arrival here, the emphasis on POS security wasn't urgent. Needless to say, this all changed."