IT Security Checklist

What can you do to ensure your IT systems are protected against the modern world of continuous security threats?

We have always focused on keeping our customers’ networks secure and have provided you with a 10 point security checklist.

1) Firewall
2) Anti-Virus
3) Backups
4) Encryption
5) Patching
6) Operating Systems
7) Anti-Spam
8) Disaster Recovery / Business Continuity
9) User Permissions
10) Check Where Your Data is Stored

 

The Security Checklist

WatchGuard Firewall from Vantage IT

1) Firewall

A firewall can protect both individual computers and corporate networks from security threats such as hacking attempts.
 
Vantage IT is a WatchGuard partner. These world-class appliances use a wide range of protection mechanisms and a huge number of optional security features. These include intrusion prevention, application control and gateway anti-virus for optimum security.
 

For remote working a Virtual Private Network (VPN) can be implemented which enables users to remotely connect to your organisation’s resources. This offers a much smaller risk of your data being intercepted over the internet as all traffic is encrypted before transmission.
 

2) Anti-Virus

McAfee Computer Security from Vantage IT

There are tens of thousands of viruses and malware in existence that affect Windows-based computers and this number is growing all the time. Ransomware, for example, has been catastrophic for some organisations due to the data loss and disruption it causes. The NHS is one of the many high profile bodies that have recently been hit by this type of malware.
 

Our Anti-Malware Administration (AMA) service enables central management of the anti-virus software, which ensures prompt deployment of updates. Additionally, when the AMA service is updated to block specific malicious software, each protected device receives the update within the hour of it being set. Even remote users are able to receive the updated rule set without first connecting to the office network.
 

3) Backups

Vantage DataSafe

Even if you have a firewall and up to date anti-virus protection, there are no guarantees that you won’t be affected by a virus or malware, as cyber criminals are playing a cat and mouse game with IT security providers.
 
Backups are therefore incredibly important for any organisation, so in the event of your data being corrupted through a security breach, it is vital you have a backup of known good data. Additionally, a backup can be invaluable if you suffer a hardware fault that corrupts data, or even a fire at your premises where data is totally destroyed.
 

Gone are the days when your only option for backups would be a disk or tape based backup. We provide a cloud backup service called DataSafe which automatically backs up your important data to our secure, off-site datacentres.
 

4) Encryption

Do you or your employees use a laptop away from the office? If so, it may be left in your car or on a train at some point. Should this device be stolen, criminals could have access to your organisation’s data. Can you risk this happening?
 
Some Windows versions have BitLocker encryption enabled and most modern business laptops have Trusted Platform Modules (TPM) built in which makes encryption possible. However, encryption still needs to be implemented as it is normally not enabled as standard.
 

BitLocker is not centrally managed, meaning that if the encryption password is forgotten or lost, so is your data. There are leading security software vendors that offer manageable encryption solutions, such as McAfee. Its Complete Endpoint Protection for Business software has device encryption included. This can be configured to encrypt your computers and any USB storage devices that are plugged in to them.
 

5) Patching

Vantage PatchSafe

Security vulnerabilities are found every day in Windows operating systems and third party software. These represent a security risk as they can allow viruses and hackers into your IT systems.
 

We appreciate it is time consuming to keep all your software up to date and you might be unsure if the patches are stable. With this in mind, we can implement our PatchSafe service which is managed by us to keep most software from the world’s biggest vendors up to date.
 

6) Operating Systems

Microsoft from Vantage IT

Microsoft’s server operating systems such as Windows Server 2003 and PC operating systems such as Windows XP have not been supported by Microsoft for quite some time. This means they are no longer patched and represent a considerable security risk for your organisation, as hackers continue to find security holes in them.
 

Microsoft Server 2012/2016 and Windows 10 are fortunately growing in popularity and are regularly patched by Microsoft. As a partner of both HP and HPE, we supply and configure the very latest servers and PCs combined with Microsoft’s latest operating systems for optimum security and performance.
 

7) Anti-Spam

Vantage MailSafe

Internet based threats such as viruses can infiltrate your IT systems in many ways, e-mail being one of the most common. You may also have heard of phishing attempts, which trick people into paying money due to a convincing email.
 

Spam emails are also very irritating and can use up a disproportionate amount of each user’s day. Thankfully, spam does not have to be so much of a concern if you use our MailSafe service. Our intelligent anti-spam service is extremely effective at isolating almost all forms of spam and has two anti-virus scanners built in, which continually monitor both incoming and outgoing messages.
 

8) Disaster Recovery / Business Continuity

Should the worst happen, how catastrophic would it be for your organisation if you couldn’t work for days until your systems are restored via backup? The inability for staff members to work, or the downtime of production facilities is unfeasible for some businesses and can have massive financial or operational implications.
 

We can implement a disaster recovery solution or even business continuity for your organisation. This will keep potential downtime to a bare minimum and enable your organisation to continue running.
 

9) User Permissions

When working with IT security we look at every angle, including user permissions and administrative rights, to help prevent the potential of malicious software spreading and data being lost.
 

We can implement organisation-wide policies such as folder permissions and blocking of USB mass storage devices, to help prevent your data from being leaked. IT security threats are not always external.
 

10) Check Where Your Data is Stored

Where in the World is Your Data?

You may think your internal IT systems are as secure as possible – and they may well be. However, with cloud services gaining in popularity, it raises questions about how vulnerable these systems are.
 
Many cloud providers do not keep your data in the UK, although numerous organisations need to comply with data regulations which stipulate their data is not held outside the UK.
 
All our cloud services, such as DataSafe Cloud Backup and Hosted Exchange, hold your data solely and securely in the UK, so you know exactly where your data is kept.
 
 

Footnote

This list is by no means exhaustive as there are other IT security risks to consider. With GDPR coming very soon, are you sure your systems are as secure as they could be? If not, please contact us.
 
We will be happy to investigate then make recommendations to keep your data as secure as possible, minimising risk of data loss and potential downtime.