Tech Connect: Protect your business

There have not been many high profile data breaches in the news lately. This lack of activity may lull small business owners into a false sense of security.

The fact is 300 million to 400 million new malware applications are created every year. Small businesses obviously are at risk for an infection.

The first thing to do is to conduct a complete internal audit of your IT software and processes to identify vulnerabilities. This is an excellent prevention strategy.

A huge risk comes from human negligence. Estimates are that around 40 percent of all data breaches are caused by users within the company.

This happens in many ways:

' Not controlling passwords

' Not using strong passwords

' Losing laptops

' Not spotting fake websites or messages

' Providing requested information to an unauthorized person.

So how do you prevent these issues? First of all you need good policies and procedures to plug the holes, clarify expectations and define accountability. Training and holding employees accountable also is needed.

A culture of information security is an excellent way to ensure long-term sustainability of data security for the company and its clients.

A vulnerability that is not often recognized is social engineering, also called phishing. This is a technique used by professional bad guys who pose as legitimate people in need of specific information by phone or email.

By doing this with one or more employees they get the information needed to exploit your company. Employees must be trained to be alert and react appropriately.

As about 60 percent of the companies incurring a data loss go out of business within a year, this is not just an inconvenience - it is a real threat. And while recovering data is one thing, never losing it in the first place is better.

How do you not lose data? One way is to have a computer system whereby two drives are mirrored.

This means that they run concurrently. If one goes down, the other takes over instantly.

Companies using this strategy usually keep spare, configured drives on hand so that they can replace a bad hard drive immediately.

A new virus called Goner is a good example of why updates are vital. It appeared on Jan. 31 and is spreading very rapidly.

Goner gets in through an email generated by the virus. The message appears to offer a good screen saver recommended by a contact. However, as soon as the attachment is clicked on, it gets into the computer and begins its work.

It turns off all security software and hardware, leaving the computer open to other hacking. It also uses the infected computer to send out the infecting virus through emails.

Vigilance is protection.

' Mike McKay is general manager and co-founder of Keystone IT; mike@keystoneit.com