Too many small businesses fail to implement basic security measures.  This lack of security makes them vulnerable to lost data, lost productivity, and legal liability issues.

The following is a list of basic Best Practices every small business needs to create a Secure Computing Environment.  This list is common to most small businesses but security is a complex topic and many businesses will have additional needs.

  • Strong Passwords – Must include:
    • At least 8 characters
    • Upper and lower case letters and numbers
    • Special characters
  • Enforce Strong Passwords with your Windows Server
  • Use Two Factor Authentication for all online services that contain sensitive data
  • Consider Two Factor Authentication for computers if you don’t have a server or if you have remote computers outside of your network
  • Quality Business Grade Firewall
  • Web Security – Content Filtering, Anti-Virus, UTM (Unified Treat Management), etc.
  • Anti-virus software on all computers and servers
  • Spam and virus filtering of email
  • Remove or disable un-needed local user/admin accounts
  • Security patching for all computers
  • User training:
    • How to recognize phishing attempts
    • Importance of good passwords
    • Don’t share passwords
    • Don’t leave passwords written down in an accessible location
    • Don’t send sensitive info via email (passwords, CC info, etc.)

You should be doing everything on this list to provide a basic level of security for your business.  For businesses that deal with sensitive information or have additional regulatory requirements there are additional security measures that are commonly used:

  • Two Factor Authentication for computer logon
  • Phishing Detection Solution
  • VPNs (Virtual Private Networks) for all remote access
  • Remove local admin rights for users on all PCs
  • Restrict user’s ability to install software
  • Security Awareness Training

Good security starts with being aware of your vulnerabilities.  Every piece of technology used by your business should be evaluated for security needs including all hardware, software, online services and Internet connections.

All of the capabilities listed here are included with our CompleteCare service.  If you don’t use CompleteCare you can still implement these solutions with relatively minimal cost.

Contact Willits Technologies today for more information about these basic security measures or to have Willits Technologies do a security review of your business.  Call us at 281-333-2505 or email sales@wti.cc

Related Posts

What is Zero Trust Security?

What is Zero Trust Endpoint Security? Zero Trust Security is a security architecture that requires all users within an organization’s network to be authorized, authenticated and continuously validated. Zero Trust security assumes that every machine is compromised, every network is…

Read More

Why a Password Manager Is Essential for Your Business!

We have always preached using good passwords and 2-Factor Authentication (2FA) to our clients but we continue to be disappointed by how few actually do it.  There is just no way around it when it comes to the best practices…

Read More

Security 101 – Local User Accounts

Properly managing Local User Accounts is critical for both security and recovering a malfunctioning computer.  Unfortunately many people aren’t even aware they exist and even fewer know what they should do with them.

Read More

Take the First Step Toward High-Level, Affordable IT.

Willits Technologies

1110 Nasa Parkway, Suite 460, Houston, TX 77058
281-333-2505
281-971-3993
sales@wti.cc
Menu
Welcome to our spam trap department, enjoy your blacklist!