News From Terre Haute, Indiana

October 7, 2012

BUSINESS CENTS: Where’s your sense of security?

Heather Strohm
Special to the Tribune-Star

TERRE HAUTE — Recently I was having a discussion with David Dubree of NPG Computers in Sullivan about common mistakes business professionals make regarding technology and specifically their business computers.

Dubree said one of the most common mistakes he sees is people who don’t update virus protection on their computers. This truly got me thinking about how important it is for businesses and individuals to update their computer’s virus protection. After nearly five years of no problems with viruses, it finally caught up to me. Both my laptop and desktop were infected. So what are the top threats to personal computers?

1. Stolen/lost laptop or mobile device. Do you recall when a Department of Veterans Affairs employee’s laptop was stolen from his home in 2007? That theft left the medical history of nearly 26.5 million veterans exposed. One way to prevent that is to install encryption programs. Encryption encodes the data so it’s unreadable to outsiders.

2. Malicious Code. Everyone typically has heard of firewalls being breached in a company. What does it mean to have your company firewall breached? Companies have programs they use to run reports, store data and process information. When a firewall is breached, all of the programs the company has can be deleted or altered so that they company is unable to continue processing and moving necessary information. Combat that by making sure the computers have the most recent anti-virus updates, firewall and office automation software.

3. Phishing and spear phishing. Phishing is pushing out generic email blasts in the hope that someone will click and follow through with the request. Spear phishing is targeting individuals by using unique emails that appear to be genuine to all employees who are members of a company. If an employee is asked to confirm their “administrator password” it is most likely a form of spear phishing. No one will ever ask you to confirm your password. Make sure your employees understand what spear phishing is, and make sure they know not to respond to it.

4. Unsecured wireless Internet networks. Hackers and fraudsters can gain access to businesses’ computers through an open wireless Internet network. If you are establishing a wireless network, then be sure to encrypt the network with WPA or WEP encryption. Encrypting the data will prevent anyone who might be able to monitor your network traffic.

Although no individual, employee or business is 100 percent safe, by implementing the above numerical points it will dramatically decrease not only the threat but also the probability of critical information being exposed.

Heather (Penney) Strohm is the regional director for Indiana State University’s Indiana Small Business Development Center.