Kitsap Peninsula Business Journal
12-7-2001
Keeping your data secure requires more than back-ups
By Scott Colson
Is the information contained on your computer system trivial or is it essential to your organization? What would happen if someone stole accounting records from your computer? What if your computer was destroyed in a fire? What if one of your employees saw everyone’s payroll information?

These are the types of questions you should ask yourself when making decisions about technology and related policies within your organization. Threats to your information come from four different sources: acts of nature, system failures, operator errors, and malicious activities. Guarding against these threats requires a mixture of good network infrastructure, security policies, and daily discipline.

A daily backup of your data is the most effective step you can take to secure your information. This one action will protect you from everything except data theft. If you have one computer, backups are easy. With more computers the task becomes more difficult. If your organization has several computers, you should set up a network server as a central location for storing all of your data and back up the server daily. Store your backup media off-site or, at a minimum, in a fire-proof safe so you can recover if some natural disaster damages your office. There are several backup solutions that will encrypt your backup data and store it on the Internet. These online backups are easy to use and are a good solution for most small organizations.

Establish security policies to restrict access to the information in your organization’s computers. This will prevent theft, operator error, and malicious tampering, and ensure that only authorized people access sensitive information. The best way to restrict access is enforcing the use of passwords to log onto any computer. The most effective way to enforce the use of passwords is a server-based network and a business-level operating system. Although consumer-grade operating systems like Windows 98 and Windows ME can use passwords to control access to a computer, they don’t provide broad access policies that restrict access to sensitive data.

If you connect to the Internet with a broadband connection, you should install a firewall. Installing a firewall is like putting a deadbolt on your front door. The quality of the lock will determine how much protection you get, but any lock makes you a less likely target than the person who doesn’t lock their door. Firewalls come in three basic flavors: hardware components that install between your computer network and the Internet, software applications on your network server that control access to and from the Internet, and so-called personal firewall software that installs on an individual computer.

Broadband routers are readily available and make effective hardware firewalls. A router allows many computers to share one Internet connection and uses Network Address Translation (NAT) to set up a security maze that makes it harder for hackers to access your computer.

Many broadband terminal adapters like DSL modems and cable modems also use NAT to create a firewall. A determined hacker can break through a NAT firewall, but most hackers will move on to easier targets. Unfortunately, NAT firewalls limit authorized access from the Internet, such as remote access to your office network from your home computer. There are high-end hardware-based firewalls that provide more security and flexibility, but they are generally cost-prohibitive for most businesses. Another option is personal firewall software applications that are designed to protect a single computer. These provide effective firewalls, but a broadband router is easier to use and provides room for growth.

Software-based network firewalls install on your network server to control access to and from the Internet. This type of firewall can only be used if you have a server-based network, but it provides greater security and more flexibility for authorized access over the Internet.

Routine use of the Internet raises your exposure to computer viruses. The most prevalent attacks are viruses delivered by email attachments. A basic rule of thumb is to never open an email attachment ending with .exe or .vbs. Many viruses are nothing more than obnoxious and some are hoaxes that do nothing, but some can do real damage, such as destroying your business information or your computer operating system.

Anti-virus software is inexpensive insurance against viruses. It can be set up to provide real-time protection, scanning files, including email attachments, as they are opened or accessed. It can also be set up to perform routine scans on all files on your computers. Anti-virus software relies on routine updates as new viruses are discovered. Therefore, you need to ensure that you download updates regularly. Most applications can do this automatically. For server-based networks, enterprise-level anti-virus software simplifies the management of the system and prevents individual users from accidentally disabling their virus protection.

Whether your daily work involves one computer or several, you should consider the importance of your stored information. Broadband access to the Internet opens many avenues of productivity, but it also introduces some new threats. Server-based networks maximize the benefits of your computer infrastructure and improve the security of your data. Server solutions, such as Microsoft Small Business Server 2000, include excellent security, tools to manage data backups, and network firewall services. If you do nothing else, back up your data daily. You know you should.

(Editor’s Note: Scott Colson is President of Autonomix, Inc., a Microsoft Certified Partner providing technology solutions. He can be reached at (206) 842-0378 or scott@autonomix.com.)