Computers are one of a company's main sources of vulnerability. How can you ensure optimum security?
The principle of IT security is the same as protection against home robberies or against car theft: sooner or later, even the best security system ends up being breached. However, the main targets of robbery or theft are homes and cars, which are unprotected. If there is a (modern) alarm or immobilization system, most burglars or thieves will be discouraged.
Firewalls and anti-virus protection
For digital and interconnected work, security software like firewalls or anti-virus programs handle security. These are vital for any IT infrastructure. But the most expensive software is useless if it is not updated. The IT officer or, in small companies, the boss, is responsible for updating software. Anti-virus software and firewalls must be updated constantly. In the best case scenario, the latest versions are downloaded automatically.
In addition, the firewall must be activated on all networked devices via the internet, since the operating system has to be regularly updated. A software specialist can set up the PC so that all necessary updates are done automatically. Another part of IT safety and data protection involves allocating passwords to users for each PC and for the screensaver.
For several years now, the association InfoSurance has been handling IT risks in small and medium-sized enterprises. To help companies implement an appropriate protection system, InfoSurance published a 10-point program in 2005. In 2009, the association supplemented the program by adding 10 further points basically aimed at companies requiring a high level of system availability and absolute confidentiality for their data (see opposite).