Security is usually low on the list of priorities for the small business. Bear with us a moment... We could devote the entire site & more to this topic, but others have already done so, and in much more detail than we can.
What we hope to highlight here are the potential risks, and then outline some defences to counter those risks. If, after reading this, you start to ask yourself about your own data security, then we have achieved our aims.
Broadly, security can be divided up as follows:
- Electronic security - preventing internal & external electronic risks from viruses, hackers, etc.
- Physical security - preventing the theft of your computers or their internal components.
Electronic Security
Your data is your business. Think for just a moment:
If you arrived in your office tomorrow morning to find your computer(s) stolen / burned out / destroyed by a virus - would you be able to stay in business? Could you survive catastrophic data loss?
There are two principles here: First, you have the loss of data scenario as outlined above. Second is the more insidious problem of internal & external threats. You probably wouldn't post a list of your employees' salaries on the company notice board, but leaving sensitive data on openly accessible network drives is almost exactly the same. In nearly every case where we deal with existing small networks, we discover just this sort of problem.
So, how do you protect your data?
Well, first you have to identify the risk. Most risks come from:
- Destructive Viruses: Viruses are, and always will be, a serious threat to the security of your data.
- Disk failures: It's really just a question of time. Summer is high season for this.
- Malicious damage: Deliberate deletion of data by internal or external means.
- Accidental damage: May also result in loss of data, and is very common. Let's be honest - who hasn't saved over a file they needed with a subsequent document based on the original?
- Industrial / electronic espionage: Spyware may be living in your PC, right now, without your knowledge. See the links at the bottom of this page for more information.
Having identified specific threats to your data, you have to defend yourself. You may need to take some (or all) of the following on board:
- Backup, Backup & Backup: Your first, second & third line of defence. Never rely on just one backup. Always store tapes/disks off site, or at least away from the machine being backed up.
- Anti-virus software: Obvious, and often installed - but rarely kept up to date.
- Proper network security: Simple, effective who-needs-what methods of protecting your data.
- Effective Passwords: Not the name of your spouse / favourite team / car etc.
- Informed Staff: Will make fewer mistakes, and won't regularly overwrite files.
- Firewall: You really would be amazed at the information your PC can broadcast about you while connected to the Internet. See below for more details.
- Disaster Recovery Plan: A routemap to get you back in business if the worst should happen. As a minimum, you will need contact information - fast.
Ultimately, we could write a book on this subject, but if you are local to us, then we can discuss your requirements with you.
Physical Security is generally easier to understand, as it relates to concepts we apply in our daily lives. Most of us would not leave our home or vehicle for any significant length of time without locking up. Some items to consider are:
- Restrict access to Servers: Either lock them in separate rooms, or fit lockable cages / cabinets.
- Lock away backup tapes / disks: Preferably in a fireproof safe in a separate location.
- Review office security: Do you need alarms / extra locks / secure glazing? Is valuable equipment openly visible from outside?
Common sense is nine tenths of physical security.