Security and Disaster Recovery

IT security and disaster recovery are two areas often neglected by businesses, especially small businesses that regard them as too difficult, time-consuming or expensive to consider. In truth, a few simple measures can significantly reduce your risk of data loss or theft.
 
 



Could your company trade if you lost all your data?

Small businesses are particularly susceptible to data loss and many are not sufficiently protecting important information.

Data loss is an unfortunate fact when dealing with computers. It is estimated that 6% of computers will suffer data loss in a year. However, the effects and cost of data loss can be mitigated by taking the right precautions.

There are many types of data backup system, from tapes and CDs through to hard-drive-based systems and fully managed online systems.

  • Tape-based backups are the most common method of backing up data and are reasonably priced. The downside is that the tapes have to be carried offsite each day to protect against fire or flood.

    Worn tapes have to be replaced occasionally, and a failed tape could be totally ineffective for the task. A survey by Yankee Group and Sunbelt Software in April 2004 showed that 42% of respondents had experienced a failed tape restore in the previous 12 months.

  • CD or DVD backups are not recommended for more than a small amount of data. CDs and DVDs are not a reliable solution, and daily burning of discs is easily forgotten. The discs themselves are vulnerable to damage, which can render them unreadable.

  • Online backup is becoming more common with the availability of fast internet connections. Systems such as Aparion's A-backup are software packages that are installed on a computer and automatically copy user-defined data to a secure offsite server. The benefits of online systems are that the software is automated, all the data is copied securely to a server over the internet, there are no tapes to remember to change and, in the event of a major loss such as fire or flood, the data is held in a geographically different place.


Care should be taken when choosing a backup solution: whilst the speed and capacity of the backup are important, the speed and availability of recovery are essential. Some online backup systems are based in the USA, meaning that the support department is 5-8 hours behind us and the data has to be recovered over the internet, or by DVD in the post. Neither of these is fast.

A-backup servers are located in the UK so, in the event of a major data loss, we can get the data to you by same-day courier if necessary, getting you working again as soon as possible.

 



Data Security - Your Windows password is NOT safe!

The password you use to log in to Windows does not protect your data if your computer is lost or stolen. Reading the data from the hard drive of a stolen computer is a very simple job, and it would take only a few minutes to get full access.

The solution to this problem is to implement an encryption package such as Aparion's A-crypt. This software runs on your computer and encrypts the entire contents of the local hard drive. This means that without the A-crypt password, your data is inaccessible, even if someone takes the hard drive out and installs it into a different computer.

The data is decrypted when it is copied or moved off the encrypted computer. This means that if you read a file from the company network, it will not be changed in any way for other users.

 



Your Wireless network could allow unauthorised access to your network

Many companies and individuals have a wireless access point (WAP) in their homes or offices. These devices provide quick and convenient access to the network and the internet for staff and visitors. However, their security should be considered carefully, as inadequate protection could compromise the security of the network and create potential legal problems.

The data transferred between the WAP and the computer is broadcast over a distance, so if it is not encrypted, the data can be 'heard' over a wide area. This would give someone nearby the chance to read the data being transferred.

One of the most common methods of encryption is called WEP. However, WEP is quickly overcome by a hacker and the network key is then compromised. This could allow an unauthorised user access to your network without it being immediately obvious. The potential consequence of this is that a hacker could get access to company or personal data, maliciously alter network settings or even download or upload illegal material via your internet connection. In that event, the police would have your internet connection details and you would be presumed the offender, with the burden of proof on you.

There are solutions to this, and the most easily implemented of these is to use WPA encryption instead of WEP. WPA is much harder to crack and most routers have it built in as standard. If your router does not have WPA, then it is highly advisable to seek a replacement.

An additional step that can be taken is to change your WPA key regularly and distribute it only to those who actually need it. This minimises the risk of the key getting into the hands of those who shouldn’t have it.
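To confirm that none of your own access points is still unencrypted or on WEP, the results of a wireless scan can be checked automatically. The following Python sketch is an added example, not from the original page; it assumes the colon-separated terse output of `nmcli -t -f SSID,SECURITY device wifi list` on a Linux machine, and the SSIDs and scan lines are constructed.

```python
def split_terse(line: str) -> list[str]:
    """Split an nmcli terse-mode line on ':'; a backslash escapes the next character."""
    fields, current, chars = [], [], iter(line)
    for ch in chars:
        if ch == "\\":
            current.append(next(chars, ""))   # escaped character is taken literally
        elif ch == ":":
            fields.append("".join(current))
            current = []
        else:
            current.append(ch)
    fields.append("".join(current))
    return fields


def audit(scan_output: str, own_ssids: set[str]) -> list[tuple[str, str]]:
    """Return (ssid, problem) for each of our own access points that is open or uses WEP."""
    findings = []
    for line in scan_output.splitlines():
        fields = split_terse(line)
        if len(fields) < 2 or fields[0] not in own_ssids:
            continue                          # malformed line or somebody else's network
        modes = [m for m in fields[1].split() if m != "--"]
        if not modes:
            findings.append((fields[0], "no encryption"))
        elif "WEP" in modes:
            findings.append((fields[0], "WEP"))
    return findings


# Constructed sample of the assumed scan output (SSID:SECURITY per line).
SAMPLE_SCAN = "\n".join([
    r"Office-Main:WPA2",
    r"Office-Guest:",
    r"Warehouse\: Scanner:WEP",
    r"Cafe-Next-Door:WEP",
    r"Office-Legacy:WPA1",
])
# Hypothetical list of the SSIDs the business itself operates.
OWN_SSIDS = {"Office-Main", "Office-Guest", "Warehouse: Scanner", "Office-Legacy"}

if __name__ == "__main__":
    for ssid, problem in audit(SAMPLE_SCAN, OWN_SSIDS):
        print(f"{ssid}: {problem}")
```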

 



Physical computer security - Don't let your data walk out of the door

This is the most overlooked and also the most obvious area of vulnerability. There is no point investing in the latest firewall, anti-virus or encryption software if your desktop computers or servers are easily accessible to employees or visitors, or can be stolen in a burglary. Steps should be taken to:

  • Secure physical access to servers, either in a locked room or, if space is not available, in a specialised storage cupboard, which can be purchased. It is important that the server is adequately ventilated or that cooling equipment is installed.
  • Educate employees to “lock” unattended computers, and enable password-protected screen savers to come on by default when the machine is left idle.
  • Deactivate any unused network wall sockets by removing the cable between the patch-panel and the switch in the comms-room, especially in publicly accessible areas.
  • Use desktop and laptop locks. Computer desktops and screens have become lighter and more compact, making them easy targets for theft.

Similarly, it is important to educate your employees in good computer security practices, as the latest technology won’t protect you from a short, easily guessed password. Employees should:

  • Be encouraged to use long, complex passwords, which contain a mixture of cases, symbols and numbers. Passwords should also be changed monthly and not reused.
  • Not download and install unknown software from the internet, or open email attachments from anyone, unless they are expecting them. Particular files to be wary of are those with a name ending in .exe, .vbs, .scr or .zip. If in doubt, contact the sender and check that the attachment is legitimate. Many malicious software programs use the address book on the infected computer to send mail, so the victim could be unaware that they have a problem.
  • Not leave laptop computers in a car, even locked in the boot. A thief can break a door window, release the boot and have your laptop in a few seconds.
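The attachment advice above can also be backed up by a check on the mail server or gateway. The following Python sketch is an added example, not from the original page; it flags attachments whose names end in the extensions listed above, including names with a second extension in front such as .pdf.exe, and the message and addresses are constructed.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

RISKY_EXTENSIONS = {".exe", ".vbs", ".scr", ".zip"}  # the extensions named in the text


def risky_attachments(raw_message: bytes) -> list[tuple[str, str, bool]]:
    """Return (filename, extension, disguised) for each attachment with a risky extension.

    'disguised' is True when another extension precedes the real one
    (e.g. .pdf.exe), so the name looks like a document at a glance.
    """
    msg = message_from_bytes(raw_message, policy=policy.default)
    flagged = []
    for part in msg.iter_attachments():
        # Windows ignores trailing dots and spaces, so strip them before checking.
        name = (part.get_filename() or "").rstrip(" .")
        suffixes = [s.lower() for s in PurePosixPath(name).suffixes]
        if suffixes and suffixes[-1] in RISKY_EXTENSIONS:
            flagged.append((name, suffixes[-1], len(suffixes) > 1))
    return flagged


def sample_message() -> bytes:
    """Constructed message with four attachments; the payload bytes are placeholders."""
    msg = EmailMessage()
    msg["From"] = "colleague@example.com"
    msg["To"] = "you@example.com"
    msg["Subject"] = "Documents for Monday"
    msg.set_content("Files attached as discussed.")
    for filename in ("Invoice.pdf.EXE", "minutes.docx", "holiday photos.zip", "notes.txt"):
        msg.add_attachment(b"placeholder", maintype="application",
                           subtype="octet-stream", filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    for name, ext, disguised in risky_attachments(sample_message()):
        note = " (double extension)" if disguised else ""
        print(f"{name}: {ext}{note}")
```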