The most pressing information technology security problem facing Canadian entrepreneurs is not computer hackers. The majority of security breaches actually come from a company’s own employees.
They’re usually not doing it on purpose, though: Most breaches are accidents, such as an employee mistakenly emailing confidential client information outside the company, a cashier leaving a customer’s credit card information on a publicly viewable computer, or a manager inadvertently deleting important files.
One of the most common breaches: Accidentally downloading malware—those nasty little computer viruses and Trojan horses that can cause mayhem in your computer network.
Four in five Canadian small and medium-sized enterprises (SMEs) report experiencing a security problem related to information and communications technologies (ICT) caused by an employee in the previous year, according to industry research. But most SMEs don’t do much about it until it’s too late.
Many business owners pay lip service to tech security, but they don’t invest money in it.
As a result, actions usually gets postponed until the day an essential computer crashes or vital data gets wiped out in a malware attack. And with the proliferation of mobile devices, wireless computing and remote workers, the security challenge is growing bigger for entrepreneurs.
Evaluate your technology security
But IT security doesn’t have to be sporadic and piecemeal. Ideally, you should regularly evaluate your IT security as part of a larger review of all your systems. The idea is to make sure your tech gear and processes aren’t out of step with your business strategy.
Here is an ICT security checklist SMEs can follow as part of this review:
1. Strategy and human resources policies
2. Data backup
3. Desktop security
4. Internet and network security
5. Privacy and sensitive information
Do you do a periodic audit (every six months at least) of your ICT security checklist?