Protect Your Business By Securing Your Telecommunications System

More and more businesses are embracing the information age of the 21^st century and employing advanced technology to assist in the effective running of their business. According to recent research by the DTI, 87% of UK businesses are now highly dependent on electronic information and the systems that process it; storing, accessing and sending a variety of documents from confidential financial information, employee documents to payroll details and client correspondence. Changing technology has not only made it easier for companies to manage the effective running of their organisation, but being in the office is no longer a pre-requisite to do business; wireless technology and remote access to company systems via dial-up or the internet means that people can read their emails on the train, write a business plan in between meetings or update client accounts from home. The rise in wireless technology, mobile working and extensive use of the Internet in daily working has resulted in organisations, large and small, becoming even more exposed to security issues.

Breaches of information security are becoming a part of daily life for many companies, it was indicated by the DTI that the average UK business now receives roughly 20 viruses a year, and it has had its web-site scanned or probed many times. Through unauthorised hacking important information can be lost or misused, causing great inconvenience and harm to your business.

Karen Pugh, facilities manager at Enterprise North East Trust explains that installing good security practices and procedures throughout your business can help to minimise the risk of security breaches. "Attempts of security breach are a daily occurrence for many businesses; we are all likely to have received an unsolicited ‘spam’ email which carries harmful attachments, inflicting a virus on your computer. If this email is spread around, it can end up that all computers linked within the network will become infected. For a small company, the results can be disastrous. With all important information being saved onto computer systems, the effects of a virus can mean the loss of vital documents and for most companies the IT system is heavily relied on for the day to day running of the organisation, so a virus can lead to down-time in company operations until the problem is resolved. To minimise the threat of security breaches it is a good idea for businesses of all sizes to plan how to secure telecommunications. This involves assessing the risks you face – looking at the sensitivity of the information held, the importance of the IT system to business operations and whether there is any reason for someone to want to gain access to your system. Taking these issues into account can help you to put the correct safety systems in place."

Karen advises considering:

Unauthorised access to your computer is the most direct and simple way for people to retrieve the information stored on it. To reduce the risk of someone getting into your computer, ensure that whenever you leave your desk for long periods that you lock your screen, using a secure login password. Keep the password secure and avoid obvious combinations such as birthdays or names, change passwords regularly by setting an expiry date of every 30 days. If your computer is linked into a network, consider carefully how the network is set up, networks allow employees to share information and access the internet, so it is worth protecting high-risk information and systems such as confidential information and financial documents by saving them onto your local hard disk. It is also vital to install a firewall; this can restrict user’s access to certain information and can monitor and protect the network from unauthorised hackers.

Companies should have clear guidelines on acceptable use of the Internet and email as inappropriate use can result in serious consequences for your business. Employees who may be logging onto unauthorised or pornographic websites can increase the risk of viruses attacking your computer system, this can also lead to a higher level of spam emails being delivered to email accounts. In turn this can lead to a loss of productivity as the high levels of unsolicited emails that businesses receive everyday can clog up the IT system to the point of breakdown. To reduce the occurrence of unacceptable email and Internet use you should set out clear security policies and procedures. Policies may include guidelines on secure login identification for accessing IT systems, access controls – these will restrict access to information dependent on the level needed for each job.

The guidelines for IT use should be communicated throughout the company making employees who regularly use and process data very aware of data security and protection principles. All employee contracts should include clear guidelines for acceptable use of the computer system including use of email and the internet. To ensure that every member of staff is committed to adopting safe IT methods, understands their responsibilities and the consequences of unacceptable use, contracts should be signed confirming that they have taken on board what is expected of them.

It may also be necessary to train staff on the correct way to use the IT system, setting out principles for good IT practice, including email, software and internet and responsibility for preparing back-ups. Training can also involve running through methods for carrying out tasks manually so should the IT system breakdown, this can help the company to keep functioning during downtime. By raising awareness of security issues employees can help to minimise the risk of data systems being damaged and in the occurrence of a security breach, staff will know how to respond quickly and efficiently, if there are adequate procedures in place.

There are extra security measures you can put in place by introducing electronic safeguards. A firewall can scan and check email attachments for viruses or you can install software that will automatically filter out any emails which include obscene or discriminatory words or phrases and monitor the internet sites that employee’s access, restricting access to any unauthorised sites. However, there are legal implications with observing your employees email and internet use, so it is wise to seek legal advice before establishing any of these measures.

Virus infections are one of the prime causes of most serious security incidents, when your computer is infected with a virus it can damage your ability to do business, making documents unusable, destroy important files or capture keystrokes – meaning that everything you type from passwords to credit card details will be retrieved by a hacker. If you are linked up to a shared network and communicate via email frequently this can help to spread the virus through your organisation very quickly and cause great difficulty when trying to contact clients, suppliers and employees.

Safeguard your computer system by installing well-known anti-virus software; it will scan and detect any viruses and stop them from running, allowing you to delete it and repair any damage. Ensure that you update your software regularly to avoid any new viruses seeping through. Make it company policy that employees do not open any attachments sent from unknown or suspicious senders, anti-virus software can also scan emails and their attachments, which can be a further barrier to viruses getting into the system. You can also install software that will automatically filter out any emails which include obscene or discriminatory words or phrases and monitor the internet sites that employee’s access, restricting access to any unauthorised sites. However, observing your employees email and internet use does have legal implications, so it is wise to seek legal advice before establishing any of these measures.

A firewall will monitor and protect your network against harm spread from the Internet. You can also restrict access to specific high risk websites by adjusting surfing security controls for the internet, this can help to lower the risks of your business of being infected by a virus and control the viewing of obscene or pornographic websites.

Wireless Local Area Networks allow devices such as laptop computers, or personal digital assistants (PDAs) to connect to the company’s network without the need to be physically connected by a cable or wire. However, a large number of company’s keen to exploit the latest innovation in business technology have done so without implementing necessary security controls. As a result, the increase of mobile working has created a new breed of hacking which can be done with minimum effort as they can pick up any wireless signal.

There are some steps you can take to reduce the threat of people hacking into your computer system, when you install any new equipment ensure that the security is switched on, failure to do so could leave the network open to attack. Site access points transfer data between devices, so it is advisable to do this away from the outside wall of the building – this will help to minimise the leakage of radio signals and will stop people from intercepting them outside. Keep an eye on your network and logs periodically to make sure your network has not been broken into. It is also worth bringing in external experts to check your security measures; they can assess your computer systems to ensure that they are adequately protected.

Karen continues, "Some of these security measures may seem quite time consuming and expensive to implement, but the disruption caused to your business by a security breach can be very costly in terms of business revenue and reputation. Taking steps to make your telecommunications more secure is an investment in your business rather than an additional cost. The effectiveness of your telecommunication security should be reviewed on a regular basis, this can uncover whether employees are following procedures properly and if they are not you can take steps to enforce or change security measures."

Enterprise North East Trust is one of the largest providers of fully serviced office and workshop accommodation in the north east and currently owns and manages ten business centres across the north east of Scotland.