Security Is Everything
A little while ago, I started thinking about how far the world has come and going back into the days of my first job (Yep. Many, many moons ago at Jaycar). I was thinking about how many people paid and their PIN number was on the back of their credit card or on the back of their key card. I thought, oh my goodness, that’s not even obscurity. That’s not security at all. You might as well use a chisel to lock your door. It doesn’t make any sense.
The biggest problem you can face is not knowing whether your business is secure or not unless you’re in the game. You need to make sure that it is secure. You want to make sure that things aren’t being taken away and those little bits of ease aren’t at the expense of security. I’m sure your IT companies have told you this before, but if you want to have everything completely secure, the most secure network you’ll ever find is one that has no people on it and no connection to the internet.
When I was doing some support work for a school of 1,200 machines, I can comfortably say that during the school holidays after I got everything working, nothing broke, everything just kept working. It was great, but it’s not a usable system.
If you have everything completely locked down and nobody’s able to touch them there’s no point in having them. There always has to be a bit of flexibility and that’s where you need to make sure that you’re staying secure. Flexibility comes at risk if it’s not done properly.
If you’re connecting into your workforce from remotely you should be using a VPN or something to connect in that would connect to your phone, such as two-factor authentication. You want to make sure that you have great security in place. This goes on the premise as well.
Watch: What Is Better Than Just Having a Good Password
Lock It Up With Good Quality Locks
You can go down to Bunnings and you can buy a cheap lock. One of my sort of side hobby that I’ve done in the past to pass time and get my mind away from the analytical thinking and more towards a creative, physical thing is lock picking. It’s quite a hobby and it’s quite interesting. It was surprising to find, when I went over to my mate’s house, his parents had just built this beauty of a home, maybe 1.6 million dollar home near the water and it looked quite nice, as you’d imagine. The home was so fresh, that grass, you could still see those lines where the turf had been rolled out. We couldn’t get into the house. His parents weren’t home and his parents didn’t have a hidden key or anything like that, again, security through obscurity. They said, “Look, we just have to wait for us to get home. We’ll be home in about two hours.” I said, “If you don’t mind, I’ll just use my lock picking set.” I opened the door in about 10 seconds and that comes down to shitty locks. You can’t have bad locks on your doors. You’ve got to have good locks, you’ve got to have good security. Otherwise, you’re only keeping out the honest criminals. That’s what a lock is and that’s what a lot of security is around IT practises.
Get an IT Audit
These people have just popped in antivirus solutions and they’ve turned a small network into a bigger network. They’re still running a mum-and-dad practise, but the business is now turning over sizable income and wouldn’t be able to have the downtime that was associated with a mom and dad business. Have a look. Get an IT audit. Get someone to jump in and audit your business. You’ll be surprised at what the IT audit team can find: anything from security patches missing, old router firmware that needs to be updated, old wireless protocols that should be disabled or even things that let them get in because you don’t have the correct types of encryptions with any of the resources that you are dishing out remotely.
Read: IT Audit Checklist for Businesses in Australia
What About the Cloud?
Some people think, “I’m in the Cloud, so I don’t have to worry about security.” Well here’s a big, scary notice for you: you really really do more than ever if you’re in the Cloud because now if someone’s breaking into your shit, you can’t even unplug the cord and get away from them. You have to just sit there and let it happen. How terrible is that? That is of course unless you’ve got the right processes in place.
The Final Word
Have a talk with your IT service provider and see what they can do. IT security should be your number one priority. Remember that security through obscurity is not security at all. Stay good.