The last few years many of us have worked hard to convince others of the merits of internet connectivity and the tools associated with it such as Email. The productivity benefits of the net and the associated communication and collaboration tools are desirable to any business. We even heard the fed chairman Alan Greenspan mention “productivity” as a factor in the prospering economy, perhaps largely due to these tools. Perhaps the time has come for us to reflect on the negative elements and potential pitfalls associated with access to this wonder of modern technology. A great place to start would be, well, productivity. Today I was briefly distracted by a neat flash soccer game a colleague had shared with me. Or what about that temptation to send those joke e-mails to hundreds of your closest friends and co-workers? Certainly some of the good with the bad is ok, right? How about those viruses? You know the ones that disguise themselves as one of those joke e-mails that your buddy in accounting always sends you. Or maybe like the one your cousin in the Midwest sent you yesterday. Another threat you could face is having someone shut your computer down if you happen to be running the wrong browser and visit the wrong site, or worse yet hitting the wrong site with the latest exploit that no patch exists for. Let me get on with my real point here. The internet and email are not toys; they are tools, at least for business purposes. Risks taken by a home user are acceptable to the degree that they are willing, but out of respect for your profession it is becoming more and more apparent to me that you should treat your work systems as a the valuable tool that it is. Even if you have expert IT professionals setting up and maintaining these systems, you can still be at risk. Why take the chance?
Now let’s break down what an IT professional or qualified organization like Managed Solutions can do to help you protect your business:
1. Implement antivirus systems and policies, particularly at the entry points such as email and internet gateways.
2. Increase security policies for web browsers and mail clients.
3. Lock down routers, firewalls, and machines to necessary and mission critical services only.
4. Implement an Acceptable Usage Policy or AUP that would hold employees accountable for placing the systems at risk, simple guidelines that are easy to understand are most effective.
5. Become “in tune” to the security issues that arise on a daily basis and dynamically adjust the approach to securing systems from these risks starting with the most significant threats and working down from there, working diligently to close any potential security hole that may exist.
6. Stay ahead of the curve by seeking the next problem and solution, it is a moving target most of the time.
Now let’s take a look at what the end user can do to help protect their employer and their productivity:
1. Follow any guidelines or AUP that your organization provides to their employees.
2. Avoid using business mail systems for personal use, if necessary use a web mail service like hotmail or one provided by your home ISP and avoid opening any attachments on your work system.
3. Verify the authenticity of any email you receive with attachments, particularly if they claim to contain patches or anti-virus solutions in them. Most IT professionals would limit such correspondences to warnings but avoid sending files.
4. Never intentionally disable or circumvent security or protective measures in place, when you do you are opening yourself and your companies systems to a plethora of threats.
5. Do not install any software on your work machine, unless explicitly advised to do so by an individual with the authorization to do so. Many innocuous programs can harbor Trojan horse viruses or spy ware.
6. Remind yourself that thing on your desk is a tool, it is intended to help you and your employer be successful. Don’t take risks with your livelihood.
I am not using Email or Internet access in my business but would like to, what should I do?
1. Get the advice of a respected IT professional in your area, be sure to ask for references and check them out before proceeding.
2. Focus initially on what you want to accomplish and why. Make sure that your expectations and needs are well presented.
3. Get a second opinion if you’re not comfortable with the provider you consult initially.
