Securing Your IT Environment

Just as you need physical security in the “real world”, your business requires security in “cyberspace.” The threats are real. Simply connecting to the Internet and doing nothing else exposes your IT network to non-stop, automated break-in attempts by intruders looking to take control of your IT infrastructure.

What can be done against such malicious and varied threats? You must have a strategy and the tools to protect your computers and data. PKM’s Information Technology department offers a variety of IT infrastructure and assurance consulting services, including:

• Mail antivirus, filtering and spam blocking for your email server.
• Firewall at the network and workstation level help against worms and some malicious code.
• Local antivirus software on the workstation to defend against viruses and worms.
• Update your system with the latest patches from Microsoft.
• Popup blockers.
• Anti - adware/spyware applications.
• Updated antivirus, adware and spyware definitions as these threats change daily.
• Skilled IT professionals who can identify, cleanup and maintain your systems.

You will notice that some of these areas overlap. A multi-layered approach is necessary to stop threats that bypass security tools. It is important to note that there is no way to defend against an individual with sufficient skill and determination. Achieving an IT environment that is 100% secure is unlikely and an expensive proposition. However, by taking appropriate, necessary precautions, your business can stay ahead of cyber attacks. Below are some best practices to keep in mind while accessing the Internet or utilizing Email:

• If you do not recognize the sender do not open the attachment.
• Do not use links sent via email. They could be masked. Type them in the browser yourself.
• You should also keep your host file clean as some malware use this to defeat your browser and send you to their site.
• Legitimate companies will not ask for your password, credit card number or other personal information over email. Do not use the links.
• Never click on links from pop-up boxes.
• Only visit sites from reputable companies. Remember that by clicking on a web link you are giving them consent to download files and programs on your machine. Do not invite trouble.
• If it sounds too good to be true it probably is.
• Use popup blockers, antivirus, firewalls and a properly patched or updated computer.
  

In an effort to minimize the ongoing costs associated with maintaining their PCs, many businesses have moved to a managed PC environment. In such environment, computers usually share common parts and hard drive images, and can be managed remotely. They also deploy centralized management tools for endpoint protection, software installation, email filtering, software/hardware inventory and other critical systems. This can greatly reduce setup/repair cost, response time and the need for on-site support visits.

By implementing a standardized hardware platform, companies reduce the number of software images needed to deploy computers during the roll out phase and make restoration of failed systems much easier. They also reduce spare-parts costs. Instead of stocking multiple drives, memory types, and other serviceable parts for a large number of PCs, IT personnel can streamline the parts inventory by keeping an adequate number of common components on hand.

Cost is only part of the equation, however. Implementing a well-managed PC environment usually results in a higher level of security. The use of centralized management tools for endpoint protection, email, web traffic monitoring and enforcement substantially mitigate and in some cases completely eliminate user’s PC vulnerabilities.

MANAGING SECURITY OF SERVERS/WORKSTATIONS/LAPTOPS
This is the practice of protecting each individual host in an enterprise including servers, workstations, and laptop. Endpoints are critical because the inability to control the actions and behaviors of end users across an entire organization results in the breakdown of enterprise security. Advanced endpoint security solutions integrate the functionality of antivirus/antispyware, firewall, intrusion detection, and policy enforcement systems. They can be configured to block all inbound and scan all outbound connections for malicious traffic patterns and block them if necessary. Such systems effectively stop “worm” virus propagation in the network.

SECURITY VIA AUTOMATED IT PATCHES
An effective automated patch management solution keeps all PC’s operating systems updated. This service is critical to the company’s network security due to the fact that more than 90% of all security breaches are carried out through software vulnerabilities for which there are known patches. Another valuable feature is the ability to install, reconfigure, and run software remotely using this tool (one time or on a schedule).

SECURE INCOMING & OUTGOING EMAILS
All incoming and outgoing emails are scanned and if any virus and/or spam mail is found, it is automatically quarantined or removed before it reaches the company's mail client or server. In addition, email threats such as “spam attacks”, “directory harvesting”, “virus outbreaks” and “email booms” are stopped outside your network, never reaching your mail server.

If you feel that your IT environment is not adequately protected, PKM’s Information Technology department offers a variety of IT infrastructure and assurance consulting services designed to help clients maximize the value of their IT investments. For additional information on how PKM can secure your IT environment, please contact Warren Puy-Arena, Director of Information Systems at wpuyarena@pkm.com or 404-420-5684.

Porter Keadle Moore, LLP is a founding member of ProfitCrew, an association of accountants and business advisors dedicated to helping construction companies build profitable businesses. For information, contact Adam Polakov at apolakov@pkm.com or Arvil Stanford at astanford@pkm.com or visit www.pkm.com.