security
Year-End Technology Review
As we near the end of 2015, thoughts of roasted chestnuts, snow and gifts fill our minds. For businesses, this is the time to evaluate year-end tax strategies. For some, performance reviews may be in order. Others may even review their current investment strategies. While some of these may be on your list, have your considered a year-end technology review for your business?
There are a few areas that should be reviewed during this time of the year to assist businesses in maximizing their use of technology and ensuring that the technology in use will aid in the start of a productive 2016.
A few of the areas to review include:
Security – Now would be a great time to change your account passwords. If you are still using the same passwords you used last year, then you are overdue. Change it to a mix of upper and lower case letters, numbers and symbols to create a password that is longer than 8 characters. It should not be a word that can be pronounced and should not include personal or family members’ names, initials, birth-dates or any easily identifiable information.
Where possible, enable additional security with two-factor authentication (2FA), using your cell phone as the physical item along with your password. Apple, LinkedIn, Dropbox, Google, Microsoft and others support 2FA. Access to your account will then require your password and a number which is normally sent via a text message to your registered cell phone. This drastically reduces the potential for online fraud or theft of information.
Don’t forget to check all your accounts including email, file servers, cloud systems, social media, financial sites, HR sites and sales or customer relationship management (CRM) applications.
It is also a good time to review the security measures you have in place to protect the data on your servers, workstations and hand-held devices:
- Are each of these items also secured with a password? If so, refer to the section above.
- Is each device being backed up to an off-site location or the cloud?
- Have you tested the reliability of the backups by performing a restoration of a file or files?
- Have you installed and tested software to track and recover your handheld device or to wipe it if recovery efforts fail.
- Do you have a plan in place if your website is rendered inoperable due to a storm, flood, power outage or hackers?
Billing – The first three quarters of all recurring bills should be reviewed.
- If you are paying for voice and Internet traffic, are you paying for more than you use?
- Have you received credits for outages. (hopefully you have tracked them).
- If using a shared mobile plan, have you been charged for exceeding your plan’s usage?
- Are unused minutes really rolling over?
It may be time to adjust the plan.
How are your printer/copier contracts looking? Are your b/w and color copy amounts in line with estimates? Now could be a good time to renegotiate, if possible. Make sure you have performed the necessary research to make your case.
Log Review – Web sites, firewalls, servers, WiFi access points; they all have logs and are all susceptible to hacking. Take time to review those logs and look for access from unrecognizable locations/devices. Someone could be using your WiFi/Internet without your knowledge.
Also look for multiple failed logins. This is a tell-tale sign that hackers are attempting to gain access to your data.
Be sure to disable any default administration accounts on these devices. If the administration account cannot be renamed, be sure to change the password from the default and make it sufficiently complex using the characters mentioned in the first paragraph. As an extra precaution, make all admin level account names at least 12 characters.
Equipment Refresh – Several widely used software products have reached their “end-of-life” this year. In most cases, the replacement of the software requires a replacement of the hardware. With Black Friday and Cyber Monday approaching, now is a good time to look for deals. Hopefully, you have earmarked funds for your end-of-year purchases. If not, check with your accountant on the best approach given your situation.
Remember, while “end-of-life” does not mean the product will cease to operate, it does mean that the vendor will not longer support the product and in the case of operating systems, software patches will no longer be available. The absence of these patches has the potential to make your systems prime targets for hackers. Refer to the previous paragraphs to secure your data.
I.T. Suitability – Lastly, did the devices, servers and software you have in place aid in the completion of your company goals this year? If any of these components didn’t allow you to grow your business, they may need to be replaced or eliminated altogether. If your software applications hindered your ability to maintain, serve or grow your customer base, perhaps further training of your employees is needed or a replacement of the application is in order. Now is a great time to review how well these components are serving the needs of your business and to gauge if they are providing the return-on-investment you estimated they would provide.
Thanksgiving is here and before you know it, the left-over turkey will be gone and we will be singing “For Auld Lang Syne”. Take a few hours these next few days and tackle at least one of the items on this list. Maybe take on one-a-week. I assure you that your business will benefit from having a year-end technology review. It may not have as much of an impact as a tax, performance or investment review, but it will surely provide you with better insight regarding the use of technology in your business and provide you with a strong foundation going into to new year.
Happy Holidays,
Lonnie Stanley, Founder
The Kimmel Group