Security Basics mailing list archives

Re: Small business IT security

From: krymson () gmail com
Date: 14 Nov 2006 21:29:28 -0000

Well, the problem with implementing anything is that those technicians will have to have access to both the systems of
company A and their competitors. Unless someone is hired in-house or someone takes over in-house IT work that isn't
above their heads, there's not much to be done there except trust those techs. I would spend some time and money to
butter them up a bit. Maybe conversation and taking them out to eat is a bit much, but any time a holiday rolls around
or sysadmin day or something just out of the blue happens that you give them a lot of work, go the extra mile and get
them something to show your appreciation. Pay for their lunch if they're on site, or give them some gift certs
somewhere or a tin of cookies or something.

One thing you can do is to heavily encourage use of those servers, especially to store data. That way if a workstation
is sent over to the pc repair shop, it won't actually have all that much data on it anyway.

You could make sure each PC is equipped with running and updated antivirus software. This should catch a lot of things
that an amateur attacker might slip onto the system while it is in the shop, like a keylogger. You would need to make
sure people know how to verify that it is running and updated, however. Or designate someone to do that walk-around.

Does someone in the office have a child who is into this sort of thing? Perhaps in exchange for playing on a nice
system at a decent Internet connection at work on the weekends, he or she can do some minor work on the systems for
relatively low pay?

Really though, security in a company larger than 10 can be difficult with no dedicated staff beyond simply supplying
and repairing the hardware and other small things.

---------------------------------------------------------------------------
This list is sponsored by: Norwich University

EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.

http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------

Current thread:

Small business IT security jonathan (Nov 14)
- RE: Small business IT security Marc (Nov 15)
  - Re: Small business IT security Matthew J. Coffman (Nov 15)
- Re: Small business IT security Colin Copley (Nov 15)
- RE: Small business IT security Brian J. Bartlett (Nov 15)
- Re: Small business IT security Christian Simatos (Nov 15)
- Re: Small business IT security Dave Ockwell-Jenner (Nov 15)
- <Possible follow-ups>
- Re: Small business IT security krymson (Nov 15)
- Re: Small business IT security red . bull . x (Nov 15)
- Re: Small business IT security bitshield (Nov 15)
- Re: Small business IT security jonathan (Nov 17)