Last week, a security breach at the University of Nebraska resulted in hackers having gained potential access to the (financial and personal) records of 650,000 students, alumni, parents and university employees.
The security breach was discovered by a staff member and quickly remedied, however, at this point in time it is not known exactly what information, if any, was actually transferred outside the network.
The FBI is investigating, and they have apparently narrowed their search according to this article.
Are you doing everything to protect your organization from exploits of this nature? Many businesses do absolutely nothing regarding security, other than pray it never happens to them.
Let’s start with the basics… Does your company have:
- Anti-Virus on your server or servers, workstations and laptop computers? Is this current and from a trusted provider such as Trend Micro, Symantec, etc?
- Business class (or better) firewall appliance (hardware from companies such as Cisco, WatchGuard, SonicWall)? Is it up to date and configured properly?
- EMail anti-spam, anti-virus, anti-malware control for your Microsoft Exchange server (either in hardware appliance or software such as Trend Micro Worry-Free Advanced) that is up to date?
- Server, Workstation and Mobile workforce operating system and application updates kept current?
- Strong passwords in place network-wide (hopefully in a password policy)?
- Web browser filtering, scanning, protection, either through firewall appliance, web scrubber or software such as Trend Micro Worry-Free to protect from malicious websites and lock down inappropriate for work sites?
- Backups of server, workstation and notebook or tablet computers? This could be cloud based such as Servosity or MozyPro or physical media like tape, RDX or network storage or a combination of technologies.
- Physical security on computers (mobile computers tethered to stationary objects, doors locked to server rooms or data centers)?
- IT service provider who double-checks your security, even if you have your own in-house technicians and/or engineers?
This list is not meant to serve as a complete checklist, only as a means to help you determine if you have the most basic security in place for your business. If you read over it and don’t have the answers, or if the answers were anything but a confident, “YES”, then you should immediately contact your favorite computer service provider and discuss with them how you can improve upon what you are doing.
Many IT support companies will perform a basic security evaluation for just a few hundred dollars, a wise investment! Most competent network security houses can provide in-depth security and compliance evaluations and ongoing security compliance evaluations at nominal rates as well.
Homeland Secure IT is available for these tasks in the Greenville and Upstate South Carolina area.
Please call 864.990.4748 for more information regarding computer and network security.