This is a topic that is important and is often over looked. When is the last time you performed a security audit? I ask this question because I have seen some interesting things the past few years. Let me give you an example. I was moving a file server for a client with highly sensitive data. What I found was the security on the sensitive files had anonymous access on them. Needless to say, I made a security change to them when they were moved.
Another client had a bunch of users in Active Directory that had domain admins rights. This is a privilege that only a few should have.
A security audit is a good idea at least once a year. What you should check is who has rights to shares and an audit of groups. You should also audit your file servers and file shares to ensure that you do not have users who should not have rights you should also audit your systems to ensure that they have the most current security patches on them.
Another item to audit is Antivirus and making sure that it is installed on your systems and it is updating. You should also review the virus scan central console and be able to provide a report of your protection settings.
Finally, the all mighty firewall should be audited. What you are looking for is unused rules and objects. If you do not need them, remove them. You should also make sure you are only allowing the protocols you need. If you are running an application aware firewall, move your rules to applications over ports.
Some Internet websites such as banking and brokerage ask for certain information to verify your identity. The questions range from your High School to your first pet. A tip is to put something totally different that you will remember. For example, instead of putting your first pet, put Yoda from Star Wars. This will make it something totally random and something that someone will not have to guess. Remember to use something unique (And don’t use Yoda).
NEW TBJ Services: TBJ Shield Backup
This is an offering that I have been meaning to launch and I have finally had a great solution. It is called TBJ Shield Backup. TBJ will take care of your backup for a monthly fee. We will provide the appliance and backup software. We will also monitor and maintain the backup system. It even backs up to the cloud to two different datacenters.
It can also become your server in case of a disaster to your system, allowing your business to function while a server is being replaced. This service can work for 1 server and up to 30 servers. TBJ will also test the backup system every 90 days, ensuring that data will be restored and your servers can be recovered in a disaster.
If you are running an old backup system that does not include Disaster Recovery or your backup system is outdated contact us for some advice.
Do you have need to share files securely with others? If so, then www.box.net is the solution for you. You can upload files and they are encrypted on the site. You can send a link to other users, where they can download the files. I do not send sensitive information over the Internet anymore. This is a nice service to securely share your files. It is Captain Security tested and approved.
Upcoming Event – Exchange 2013
Learn about the enhancements and new features of Exchange 2013.
DATE: April 2nd, 2013
TIME: 9:00 am
LOCATION: 200 S. Executive Drive, Suite 101, Brookfield Wisconsin
We at TBJ are looking to grow our business and we would like to enlist your help in finding clients who might benefit from our services. For any qualified leads that result in a meeting, we are willing to send you a $100 dollar gift card. Our best leads come from referrals and we would like to reward you.
If you know of someone that you network with that could benefit from our services, use the form below or email us at firstname.lastname@example.org
If you have a referral, please enter the details here:
Final Thought of the Month – Backup and Disaster Recovery
How many of you have a disaster plan? Can you recover your systems quickly? If you have a total disaster, how will your business function? Most people only think about technology for Disaster Recovery. What they forget is what they are going to do with the people and how are they going to work.
You should appoint someone who is responsible for maintaining the plan. It is a living document that needs to be updated constantly. You should also plan for a total disaster and figure out what you will do without the building. If you are a printing company can you work out something a relationship with others in your industry to use their presses or what they are not using?
You also need to consider how you are going to communicate with your employees and have some sort of check-in system. That also means creating a master list of how to contact employees.
Finally, you should have a good disaster recovery system. It should backup your systems and have the ability to replicate them offsite and bring them up in the Cloud if needed. You should be able to be up and running in less than 24 hours after a disaster.
If you need a good Backup and Recovery solution, feel free to contact TBJ.