Tip

Microsoft's Security Guidance Center for Small Business

In recent months, Microsoft has really upped its investment in helping customers make their Windows systems and networks more secure. From webcasts to security clinics to other online resources galore, the company seems to be putting a lot of its money into educating and informing its user base across a wide range of security topics, tools and technologies.

A quick look at the company's

Requires Free Membership to View

Security Guidance Center for Small Business underscores an observation that common sense, constant vigilance and secure behavior have as much to do with maintaining proper information security as does any application of tools or technology. The primary thrust of this offering is what Microsoft calls a "small business security checklist." As a quick perusal of that checklist's contents will verify (it's reproduced verbatim in the numbered list that follows), as much or more of its coverage deals with managing people and processes as it does with installing, updating, or using technology:

  1. Update your software: If there's a patch available, install it. It's a simple way to avoid serious problems, yet many fail to do so.
  2. Protect against viruses: Companies large and small can be crippled by viruses. Make sure every company PC, server and laptop is fully protected.
  3. Set up a firewall: This isn't as intimidating as it sounds and it's the most important thing you can do to thwart hackers.
  4. Tighten in-house security: Not all threats are high-tech. A casual break-in or disgruntled employee can cause serious damage too.
  5. Strengthen passwords: If you or your employees use simple passwords and/or fail to change them regularly, your company is vulnerable.
  6. Backup critical data: If the thought of losing everything stored in your computers terrifies you, there's a simple solution. Schedule regular back ups.
  7. Embrace smart Web browsing: Unscrupulous sites, as well as pop-ups and animations, can be dangerous. So can browsing from a server.
  8. Safeguard wireless networks: They're a great innovation, but wireless networks are more vulnerable than cabled networks. Do all you can to reduce your exposure.
  9. Connect remote users securely: Remote access to your network may be a business necessity, but it's also a security risk you need to closely monitor.
  10. Lock down servers: Your servers are your network's command center. If your servers are compromised, your entire network is at risk.
  11. Lock down clients: A lack of stringent administrative procedures could sabotage all of the security safeguards you've just instigated.

All of these points are familiar and reasonably well understood. But there's an unfortunate tendency to put them off or avoid thinking about them in many small operations. Seeing them laid out clearly, with short, clear explanations attached to each point (the links are live in the text above) makes them much easier to read and heed. Interested IT professionals will also find a nice collection of case studies, introductory infosec material, and more on this Web page. It may be too elementary for those who work in and around information security, but it's just right for co-workers, colleagues, or family members who need a quick brush-up on security concepts, routines, and best practices.


Ed Tittel is a writer, trainer, and consultant based in Austin, TX, who writes and teaches regularly on information security topics. He's a contributing editor to Certification Magazine, series editor for Exam Cram 2, and writes for numerous TechTarget Web sites. E-mail Ed at etittel@techtarget.com.


This was first published in June 2004

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.