10 New Year's Resolutions for Your Business

We know: You mean to do all kinds of things to keep your IT infrastructure in peak condition, but when the office gets busy, things fall through the cracks. The problems won't go away on their own, though. If you need help compiling a list of what you have to accomplish, here are our top ten New Year's resolutions that you can implement to get your business in tip-top shape.

1. Clean Up Your Database Security

With customer-database breaches now making headlines on a weekly basis, ensuring the security of your clients' personal data should be an ongoing part of any IT strategy. That said, the new year is the perfect excuse to audit your databases' security--making sure you're using strong passwords and encryption where appropriate--and to review policies about where those databases are allowed to be stored. That last part is critical: An uncommonly high number of data-loss events occur when laptops carrying database copies are lost or stolen.

2. Rethink Wireless Security

Chances are, you set up your Wi-Fi router in 2004 and haven't given it another thought since. Well, in case you missed it, ye olde Wi-Fi security is hopelessly broken: WEP was cracked years ago to the point where breaking into a WEP-secured network is a matter of trivial simplicity. Alas, recently WPA, WEP's replacement, was cracked as well, although it's still considerably safer than WEP. Upgrade to the still-safe WPA2 if all the devices on your network support it, but at least migrate to WPA if you haven't already.

3. Test and Upgrade UPS Devices

If you think your wireless router is neglected, imagine how the UPS devices in the office feel. Often these battery-backup systems are purchased add-ons to newly bought PCs (and sometimes they come for free as promotional giveaways), and they're promptly plugged in and forgotten, left to grow old under an increasingly thick layer of dust. The problem is that many UPS devices don't put out enough power for the machines connected to them, as users frequently treat them like power strips instead of backup devices.

Carefully check the wattage ratings on your UPS devices and compare those numbers against what you have plugged in to make sure you aren't exceeding the supported capacity. Be sure to install automated shutdown software if you haven't already, and arrange a schedule to test the systems to ensure that they still work.

4. Set Up a CRM System

Now more than ever, it's important not to let sales leads languish and die. Installing a CRM system can really help sales teams prioritize selling efforts and follow up at appropriate times. CRM's acronym makes it sound daunting, but most customer relationship management systems are surprisingly simple to master. Some, such as Salesforce.com and other hosted services, are available completely online, requiring you to install nothing.

5. Install Theft-Recovery Systems on Laptops

We've already harped on laptop security problems, but losing a laptop doesn't mean you have to write it off forever. Check out a theft-recovery product such as Computrace LoJack for Laptops, which installs quietly on any notebook and can alert LoJack to the laptop's whereabouts when you report the computer as stolen.

Computrace partners directly with law enforcement agencies and says it recovers 60 computers each week on average, for a 75 percent recovery rate on laptops reported stolen. Paying $90 secures a laptop for three years. An extra $20 adds an optional "kill switch," which you can use to nuke all the data on the machine if you fear that it's never coming back.

6. Investigate VoIP

It may not be time to migrate the whole company to VoIP and dump the traditional analog system, but it is certainly time to begin experimenting. Start with Skype on a few machines for your most tech-savvy users, and add dedicated handsets so that they can compare the VoIP process directly with their experience on standard handsets. Check back in four months to hear their thoughts.

7. Stop Making Users Change Passwords for No Reason

Many IT departments mandate quarterly--and even monthly--password changes, yet no evidence shows that such policies lead to improved security at all, as users forced to change passwords frequently are more prone to write them down and, say, tape them to their monitor. You're better off educating users about what constitutes a strong password and enforcing sensible rules: restricting the inclusion of words on commonly used password lists, requiring numbers and a special character, and so on.

8. Get Serious About Backup

If you're still using a courier to haul a mountain of backup tapes to and from an offsite storage facility, it's time for an upgrade. For starters, hard drives are now readily available in 1TB capacities and higher, and they're far faster and more reliable than tape. Simply replacing an archaic tape setup with a revolving series of external hard drives is a no-brainer and needn't cost much at all.

Alternatively--or in addition--consider online backup services, at least for critical data that's on the small side. Numerous online, enterprise-level backup services exist. Check out Mozy Pro, for example, which can back up Exchange or SQL databases and costs just $6.95 plus 50 cents per GB per month.

9. Migrate Away From Internet Explorer

Last month's critical Internet Explorer security flaw, revealed in all versions of IE dating back to IE 5, should have been a wake-up call for anyone still using Microsoft's browser. Unfortunately, upgrading an entire office (and removing IE from those machines) takes time, so you're not out of line to be cautious in forcing users to upgrade. The good news: Unlike with most upgrades, users can easily adapt to Firefox, Opera, or Safari, so training needs will be minimal.

10. Clean Up the Mess in the Server Room

Cables sprawling everywhere (unlabeled, naturally). Dust accumulating in every crevice. Look under the pile of old CRTs, and you're likely to find a rat's nest--or worse. Most companies lock the janitorial staff out of the server room, but it's one of the places in the office that can benefit the most from old-fashioned cleanliness and organization. Take a slow day when most of the staff is out and spend a little time organizing and labeling spare parts, dusting out the servers, and otherwise tidying up. You'll be much happier once the clutter is cleared.
