Technology Management

Play It Safe

SBOCTeam — Tue, 30 Sep 2008 17:19:00 GMT

How to Protect Your Customers' Confidential Info

By Christopher Freeburn

Customer data may well be your business's most critical asset. Unfortunately, there are plenty of thieves who would like to gain access to it. Identity and credit card theft are burgeoning problems. Customers' names, addresses, and credit information are valuable commodities that thieves not only steal, but actually trade among themselves. Today's profusion of computer technology and online connectivity has proven not only a boon for business, but for thieves as well. Protecting your company's information is as vital as locking your office doors.

The World Wide Web of Hackers
There's almost no way to isolate your business from the Internet these days. Even the smallest businesses usually have web sites and email is now virtually a business requirement. That usually means that the computers you use for business are likely connected, either directly or through your company network, to the Internet. While there is no question that the Internet has been a huge boost to small business, it comes with serious security risks.

The Internet connection that brings the world to your business's front door can also let unscrupulous thieves dive right into your company hard drives and gain access to vital customer and business data. "The best way to prevent that is to make sure that your company network and computers have a robust firewall and use the latest Internet security software available," says Cambridge, Massachusetts-based computer security expert Dan Smith. "This applies even if you outsource your company's online services to a web hosting company." If you don't know how to enable your firewall and security software properly, hire a network or computer expert to do it for you. "Your firewall is the first and best line of defense in keeping unwanted people out of your system," Smith explains. "If you don't pay enough attention to it you can find your network crippled and your data stolen."

A wide variety of Internet Security software packages are available for small businesses. Additionally, personal computers and network servers come with some form of internal firewalls that will work in concert with third-party Internet security software. Most of these programs feature an automatic update feature that allows the software to contact its manufacturer online and check for software updates. Since the battle between hackers and security software is never-ending, keeping the update feature active is crucial to receiving updates meant to combat the latest threats.

Isolate Data
Your company data can be threatened not only from the outside, but also from within your business as well. Last January, news organizations reported the story of a Florida architectural firm whose office manager, erroneously believing she was about to be fired, deleted seven years worth of company records, including millions of dollars worth of blueprints and drawings from the firm's computer. The company was able to recover much of the data, but only at great expense. In order to prevent accidental or deliberate loss or theft of data, it is a good idea to restrict access to the company network-or at least to the most sensitive data-to a few trusted, high-level employees. Most network software packages offer a variety of different password-based levels of access to the network and its assets.

Make sure that employees guard their individual passwords and that the passwords of employees who depart the business are deleted immediately.

Shredding to Security
Keeping your company's critical data secure often means more than simply keeping your computers free from hackers and the office doors securely locked. Too many companies forget that documents tossed out with the trash become instantly vulnerable to thieves or competitors.

There is no privacy in garbage, according to a 1998 Supreme Court ruling, which means anyone can grab a garbage bag from your firm left at the curb and legally sift through it. That means your competitors can legally acquire sensitive information about your business if you aren't careful enough to properly dispose of it. It also means that identify thieves might glean enough personal information regarding your customers to open credit cards accounts in their names, causing them substantial financial harm.

In order to protect your company and your customers, you should consider creating a formal company policy regarding document disposal. And then make certain that all employees understand and follow through with its implementation.

Any paper that contains customer names, account numbers, or billing information should be shredded. The same is true of company documents that provide employee names, social security numbers, payroll, medical insurance, home addresses, or salary information. But you should also be shredding any documents containing information valuable to your competitors. Sales numbers, financial analysis, marketing plans or reports, web site usage figures - all of these could be of potential interest to competing companies. Legal documents as well. In practice it's a good idea to shred any document that sheds light on your company's internal practices or arrangements.

Document shredder machines are available in a wide range of sizes and prices, with small units running under $60, making it easy for a small business to have several such machines where needed. Traditional shredders rend documents into narrow vertical strips. Newer cross-cut shredders slice the documents two ways, rendering them into confetti that is almost impossible to reconstruct.

Wireless Vulnerability
Once upon a time, connecting the computers in a small office meant running wires all over the place. Today, setting up a wireless network for a small or home-based business can take little more than a few hours work. But for all their convenience, wireless networks face a serious downside: security. Your wireless router broadcasts your network's data indiscriminately over a certain area (anywhere from a 100 to 300-feet radius from the router). Any computer equipped with a wireless network card within that area can receive the signals and access your network.

"The number of businesses that forget to install some level of encryption in their wireless networks is astonishing," says Dan Smith. "People who are scrupulous about installing Internet anti-virus programs just blank on wireless access security." But the consequences can be serious. "There are people who set up their laptops outside office buildings and shopping malls looking for vulnerable wireless networks," Smith explains. "Once they find one they can penetrate they'll poke around until they find some useful information." That can include customer data like credit card numbers and billing addresses or employee data like social security numbers. "Once they have anything like that, it can be used for theft or identity fraud, or sold to others for that purpose."

In order to prevent unwanted intrusions, wireless equipment manufacturers have developed a variety of encryption programs. Most wireless network equipment comes with two basic encryption systems: Wired Equivalence Protection (WEP) and (Wired Protected Access) WPA. These encrypt your wireless signal, requiring any wireless-capable computer to have the right encryption key to decode the signal. WPA is the more robust encryption protocol. Keeping firewalls enabled on all networked computers and changing network passwords is also recommended.

Vista and Office 2007 - Microsoft's Next Generation

SBOCTeam — Sun, 29 Jul 2007 23:52:00 GMT

What do you get for your money and should you upgrade now or wait to buy a new computer?
By Reed Richardson

Earlier this year, Microsoft debuted new updates to both its venerable Windows operating system and Office software suite. And while the early buzz on Vista (which replaces Windows XP) and Office 2007 (which replaces the last Office update from 2003) has been mostly positive; you should weigh several factors before upgrading to these newest Microsoft products.

With Vista, the first and most noticeable upgrade involves security. With enhanced firewall and spy ware protections built-in, as well as much more robust administrative controls, protecting and backing up sensitive company and customer data or those worried about potential hardware failure might consider switching over to Vista sooner rather than later. But if these aren’t pressing matters for your company, it may make more sense to heed the advice of technology expert Russell Morgan, who, in a recent column in PC magazine, recommended “timing your decision to upgrade to Vista to be in line with any hardware purchasing pattern you’ve already established.” Surveys indicate that many companies are taking just this approach.

Four months ago, Derick Alan says he was trying to decide if he should upgrade to Vista on his old computer or buy a new one with Vista pre-installed. “I’ve been using Microsoft for a long time, since Windows 95, and I’m always one of the first users to adopt new software,” he says, “but I also know about all the problems that can come with upgrading.” In the end, Alan, who blogs for the Internet marketing company yTen Business Solutions, based in Springfield, Missouri, decided to buy a new computer with Vista preinstalled, one that could easily handle both his personal pursuits, like casual gaming, as well as more business-related tasks like HTML programming and web development. So far, he’s very satisfied.

“My printer, my router, my digital camera, the graphics on my games, even my old version of Office works without a hitch in Vista,” he says. “Most definitely, Vista has seemed like a good step up from Windows XP.” Still, Alan’s experience wasn’t without some minor hiccups.

“My new Hewlett Packard laptop listed itself as ‘Vista capable’ but once I got it home, I was a little surprised to find out that only the Home Basic version would work well on it,” he explains, echoing a common complaint. “To be able to eventually run Vista Premium, I had to upgrade my RAM.” (A class-action lawsuit against some computer manufacturers is now brewing over what critics are calling misleading use of the term “Vista capable.” To check system requirements for each Vista version, go to windowsvista.com/upgradeadvisor) And Alan notes that despite his positive experience, his company continues to hold off on converting because of ongoing worries about Vista’s effect on some custom, in-house software applications being run at yTen.

Keith Galbut, partner in the Phoenix, Arizona–based Galbut & Hunter law firm has also yet to fully adopt Vista, despite being impressed with its performance during a recent pilot program his company participated in. (Microsoft provided three copies of Vista and Office 2007 to his firm free of charge through a third-party IT provider.) “I loved the improved search functionality and the new look and feel of Vista’s menu,” he says. “But because of concerns about connectivity with some of other accounting software, we’re being cautious.” However, Galbut has gone full speed ahead when it comes to upgrading to Office 2007. “Technology is an important part of what we do,” Galbut notes. “We charge for our time and the longer it takes us to do something, the less efficient we are, the less client value we provide.” So, Galbut says he has come to appreciate the increased functionality of the new Professional version of Office 2007, which includes Outlook and Access. “With all of our dockets and deadlines, dates are a very important element of what we do and what we’ve really liked more than anything is the ability of these programs to help us keep better track of it all.”

Tom Abshire, Senior Product Manager at Microsoft says people like Galbut are really the ones the software designers had in mind when they built Office 2007. “We know from our research that their number one concern is growing their business,” he says. “So those were the big themes we used when developing the new Professional and Small Business versions.” Abshire says Microsoft did this by adding new graphics functions like SmartArt to its Word and Excel programs, expanding the Business Contact Manager portion of Outlook, and by building the new Fluent user interface (formerly called Ribbon), which he says is makes working in Office more efficient and task oriented than in the past.

“We understand that most small businesses are working hard just to get the job done and that they mainly upgrade by buying a new PC,” Abshire explains. “And we are there when they are ready to take that next step.”

Reed Richardson is managing editor for Business 24/7 magazine.