
Computer Security
Q: WHAT ARE THE COMPUTER SECURITY ISSUES FACING OUR HEAVY-DUTY AFTERMARKET?
A: There are many computer security risks in the world today. Arguably, the 3 most prevalent issues are the introduction of viruses, Trojans and worms into a network, unauthorized outside access to a network, and employee theft of information. The introduction of a virus, Trojan or worm is the most common intrusion we see in the market today. Far too many distributors take for granted that they are immune from these destructive programs.
Unauthorized access to a network can come from two primary sources. A hacker can use the distributor's high-speed Internet connection to gain access to their primary business server or to an individual PC on the network. Wireless hacking doesn't get as much exposure in the news media as Internet hacking, but it is equally dangerous. An unprotected wireless network is an invitation for someone to access the network, collect valuable confidential data or introduce a program to disable or destroy the network.
The least acknowledged security risk is employee theft of information. Far too many networks are vulnerable to employees who can access sensitive data and take it with them at the end of a shift.
Q: HOW CAN THESE ISSUES BE PREVENTED?
A: Each of these three risks has a unique set of procedures that should be followed to minimize or eliminate risk. Most businesses have virus protection using a powerful and reputable virus protection software package. However, many of these businesses fail to do the simple tasks required to make these tools work. Many businesses fail to set up the program to automatically update the virus definitions on a daily basis. Businesses also fail to set up the software to automatically scan the PC or server on a daily basis. This daily update and scan is critical for identifying new viruses and stopping them before they can do any damage. Simply loading the software and accepting the default settings is not enough to adequately protect a network.
Many businesses also fail to install an adequate firewall to protect their network from intrusion. If you order a DSL or cable circuit for your business, or even a high-speed T1 circuit, it will not come with a firewall. A hardware firewall is the best tool for protecting an entire network. For small businesses with just 1 or 2 PCs, software firewalls are usually adequate to protect their confidential business information. Both hardware and software firewalls are becoming easier for the general public to install, but just like the virus scan software, they must be configured for optimum protection for each individual network, PC or server. Simply unboxing the firewall and plugging it into the network isn't going to give you the level of protection that today's businesses require to protect themselves from a serious threat.
Beyond a firewall, business systems should be set up with strong password rules. Passwords should be more than a common word, or worse, the same as the user login. Ideally, password security should be set up to force the user to use 6 or more letters and numbers in a password. You should also set up the password requirements to require letters, numbers and at least 1 special character. These passwords are much harder to crack, thereby protecting your system from hackers. Password rules should also be established within the server policies to require that the user change passwords every 90 days and not allow the user to reuse the same password within 6 months.
With the proliferation of Wireless Fidelity (WiFi) connectivity, some businesses have created a functional wireless network to allow their employees to connect their laptops to the system without requiring the usual wiring and connectivity. These networks can be a tremendous productivity booster, but if they are not properly secured, then they are wide open to anyone connecting to your network. All wireless devices have the ability to implement Wired Equivalent Privacy (WEP). WEP is an easy-to-use encryption protocol that provides good security for a wireless network. WiFi Protected Access (WPA) is a step above WEP and provides a more robust and powerful encryption technology to protect wireless networks. With a properly enabled WEP or WPA security protocol on a wireless network, the network is essentially invisible to anyone without the proper passwords to access the network.
Employee theft is a unique security risk because the employee must have access to the network in order to perform his or her job duties. The AutoPower System provides tools to allow the system manager to limit access to certain aspects of the business system or the network. By limiting the menu options that an employee can use, you limit the ability for the employee to learn of business information that is not relevant to their day-to-day job. Further, these limits prevent the employee from printing a customer list, price list or other confidential information and walking out the door with it. These tools are extremely easy to implement and should not be ignored in a company of any size.
Employee passwords should also be changed often. If you assign a password and never change it, that password is likely to become known to more than just the password owner over time. Once a high-level password becomes known, the data it was meant to protect can potentially be compromised. The AutoPower system can be set up to force users to change their login passwords periodically at a given interval. While this may seem inconvenient, it is far easier to deal with than the loss of key confidential data.
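The password rules described in this answer, written out as a check a system could run when a user picks a new password. This is an added example, not AutoPower code; the function names, the sample common-word list, and the reading of "6 months" as 182 days counted from when the old password was retired are assumptions.

```python
import hashlib, hmac, os, string
from datetime import datetime, timedelta

MIN_LENGTH = 6                       # "6 or more letters and numbers"
MAX_AGE = timedelta(days=90)         # change passwords every 90 days
REUSE_WINDOW = timedelta(days=182)   # assumption: "6 months" taken as 182 days
COMMON_WORDS = {"password", "welcome", "letmein"}  # constructed sample list

def _digest(password, salt):
    # Keep only salted, slow hashes of old passwords, never the passwords.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def remember(password, retired_at):
    """Build a history entry for a password that has just been replaced."""
    salt = os.urandom(16)
    return (salt, _digest(password, salt), retired_at)

def is_expired(set_at, now):
    """True once the current password has been in use for 90 days."""
    return now - set_at >= MAX_AGE

def check_password(login, candidate, history, now):
    """Return the list of rules the candidate breaks (empty list = accepted)."""
    problems = []
    if len(candidate) < MIN_LENGTH:
        problems.append("too short")
    if not any(c.isalpha() for c in candidate):
        problems.append("needs a letter")
    if not any(c.isdigit() for c in candidate):
        problems.append("needs a number")
    if not any(c in string.punctuation for c in candidate):
        problems.append("needs a special character")
    if candidate.lower() == login.lower():
        problems.append("same as login")
    if candidate.lower() in COMMON_WORDS:
        problems.append("common word")
    for salt, digest, retired_at in history:
        recent = now - retired_at < REUSE_WINDOW
        if recent and hmac.compare_digest(_digest(candidate, salt), digest):
            problems.append("reused within 6 months")
            break
    return problems

if __name__ == "__main__":
    now = datetime(2024, 6, 1)  # constructed sample data
    history = [remember("Brake#2023", datetime(2024, 3, 1))]
    print(check_password("jsmith", "Brake#2023", history, now))
    print(is_expired(datetime(2024, 3, 1), now))
```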
Q: HOW SHOULD THESE ISSUES BE HANDLED IF PREVENTION IS NOT POSSIBLE OR PROPERLY IMPLEMENTED?
A: All businesses should have a backup plan in place should any of these security issues befall them. For viruses and hackers, having daily backups is a requirement, but just having the backup is not enough. The business should check the validity of the backup on a daily basis. It is not uncommon for the backup device to fail to back up properly. If care is not taken to verify that the backup process has completed and that the tape is good, then the backup may not be available when it is needed. Businesses should also rotate their backup media periodically. Tapes used in a tape backup are only good for about a year or so. They should be replaced annually or when a problem occurs more than once with the same tape. The backup is only as good as the media on which it is stored.
Distributors should also keep the most recent backup tape offsite overnight. If your building suffers a fire or flood, new hardware can be brought in fairly quickly to help recover the business. However, if the daily backup is lost in the fire or flood, then the business has to be completely rebuilt from manual records. In the case of both a fire and flood, this may be impossible. By having the backup offsite, you can typically recover a business in a matter of a few days.
Businesses should also have a backup plan in place to continue the business while the server is compromised. For some distributors, this might mean going to a more traditional manual method while the server is repaired and the security risk removed. For larger distributors, this might mean a hot-spare system or other alternative to bring their business back up as quickly as possible.
The most important safeguard to a security risk is to have the backing of a reputable company that can help you through the crisis. Distributors are experts at selling automotive and truck parts. They generally lack the staff and training to deal with computer issues such as these, and in some cases can make the situation worse before it gets better. Having a relationship with an organization that staffs or contracts with the professionals required to help resolve a crisis is critical.
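An added illustration of the daily backup check described in this answer (not part of the original column and not AutoPower code): record a SHA-256 hash of each file when the backup is written, then read the backup back and compare. An in-memory tar archive stands in for the tape, and the function names and sample files are constructed for the example.

```python
import hashlib, io, tarfile

def sha256_stream(fileobj, chunk=1 << 20):
    """Hash a file-like object in chunks so large files are not loaded whole."""
    h = hashlib.sha256()
    for block in iter(lambda: fileobj.read(chunk), b""):
        h.update(block)
    return h.hexdigest()

def make_backup(files):
    """files: dict of name -> bytes. Returns (archive_bytes, manifest)."""
    buf, manifest = io.BytesIO(), {}
    with tarfile.open(fileobj=buf, mode="w") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
            manifest[name] = hashlib.sha256(data).hexdigest()
    return buf.getvalue(), manifest

def verify_backup(archive_bytes, manifest):
    """Read the archive back and compare every file with the manifest.
    Returns a sorted list of problems; an empty list means the backup is good."""
    problems, seen = [], set()
    try:
        with tarfile.open(fileobj=io.BytesIO(archive_bytes), mode="r") as tar:
            for member in tar:
                if not member.isfile():
                    continue
                seen.add(member.name)
                digest = sha256_stream(tar.extractfile(member))
                if manifest.get(member.name) != digest:
                    problems.append(f"{member.name}: content mismatch")
    except (tarfile.TarError, OSError, EOFError) as exc:
        # A damaged or truncated medium often fails here, before any hash check.
        problems.append(f"archive unreadable: {exc}")
    problems += [f"{n}: missing from backup" for n in manifest if n not in seen]
    return sorted(problems)

if __name__ == "__main__":
    # Constructed sample data standing in for the business files.
    files = {"customers.csv": b"acct,name\n1001,Acme Fleet\n",
             "prices.csv": b"part,price\nBRK-1,42.50\n"}
    archive, manifest = make_backup(files)
    print(verify_backup(archive, manifest))        # clean backup
    print(verify_backup(archive[:700], manifest))  # simulated truncated tape
```

Keep the manifest somewhere other than the backup medium itself, so a bad tape cannot damage both the data and the record used to check it.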