To keep your business running effectively, your computers should be running effectively. This means keeping up to date with the following software and security features.
1. Operating systems – Follow the Microsoft product lifecycle guide to make sure that you are using secure operating systems. Microsoft stops supporting older operating systems after their support lifecycle has expired.
2. Software patches – Make sure that your Operating systems have the latest security patches and hotfixes by running Microsoft update on all systems. (tip: enable automatic system update in your windows control panel).
3. Anti-virus and Anti-Malware – Check your security programs to make sure that the subscriptions are up to date, the definitions are being updated, and regular scans are being performed.
4. Company policy – Ensure that there is a company policy in place that explains to your employees what the computer network should and should not be used for.
5. Physical security – What if someone stole your server or computers that contain valuable business data? Check your office’s physical security.
6. Backup – Make sure that your company has a backup (preferable an offsite backup of your important data). This is extremely important, any hardware can be replaced in the event of a disaster but, critical business data cannot be replaced.
7. Hardware – Make sure that the hardware you are running meets today’s business software needs. You wouldn’t want your employees running at minimal efficiency because their computers can’t keep up.
8. Encryption – Encrypt laptops with company data so that the data won’t leak in the event that the laptop is lost or stolen. Also, encrypt confidential documents being sent by email.
9. Maintenance – Have an IT professional perform maintenance on your servers and network.
10. Compliance – Make sure that your computer network meets the requirements for your industry or state. For example medical offices should meet HIPAA compliance and publicly traded companies should check their Sarbanes–Oxley compliance. Any organization that accepts credit card payments must meet PCI DSS compliance standards and any company in Massachusetts that stores any personal information about MA residents is required to comply with the 201 CMR 17 regulation.