Return to Notary News and Advice

Information Reprinted Courtesy of Aegis Computer Services, ASN's Business Technology Service Provider

ASN offers the following information to help notaries understand and implement safe, practical procedures for managing their use of business technology.

Construct Secure Passwords to Private Applications and Accounts.
What constitutes a secure password will vary depending on the environment, but typically, names of family members, sequencing numbers, and obvious words and phrases should be avoided. Random numbers and a mix of cases, punctuation and spaces is generally encouraged. Obviously, a balance between security and convenience must be found. If the requirements for password complexity are too stringent, users will simply revert to writing down their passwords [on notes].

Practice Safe Computing on the Road.
Taking a notebook, PDA, or other device on the road requires increased vigilance to prevent unauthorized access. For example, remote access tokens should not be carried in the same case as the computer; access codes, names and passwords should not be written; sensitive data should be encrypted and/or stored on removable data storage devices, also carried separately from the computer; computers should never be left unattended; and consoles should be secured when not in use.

Exercise Care in Sending Emails.
How many times have you been asked to recall an email accidentally sent to the wrong person or persons? Users need to be well aware of this danger and be conscientious about exercising the appropriate caution. Think before pressing "Reply to All." Double-check addresses before clicking "Send." Refrain from using the corporate email system for non-business messages. In general, regard email messages as postcards instead of letters.

Protect Against Viruses, Phishing, Malware, and Other Nasties.
All PC users must be able to recognize and handle malicious data security threats, as well as the consequences of inaction. This knowledge starts with knowing how to identify phishing scams and how malicious email can appear to be from a legitimate contact. Do not open emails from unknown sources, do not open unidentified attachments, do not enter corporate email accounts on Web sites, and do not turn off or disable any anti-virus protection on your PC. Keep your anti-virus software updated.

By Lewis Christie, CISSP, CHSP

The Internet has become a vital company tool regardless of the size or location of the business. While connectivity has become increasingly indispensable for achieving business success, being more connected also results in being more vulnerable to outside threats such as identity theft, viruses, hackers, botnets and worms.

Many home-based business owners such as mobile notaries or notary signing agents are well aware of the risks, but believe they don’t have the resources to address information security. Maybe they simply haven’t taken the time, or they are unsure how to take the initial steps. If that sounds like YOU, then this article should help!

Security starts with self-examination and an understanding of what is most important to keep the business running smoothly from day to day. In other words, what are the business assets, what business functions must be performed and what information must be preserved with integrity and confidentiality?

A comprehensive examination of these issues, under the guidance of an information technology (IT) professional, is commonly referred-to as a security risk assessment. While home-based business owners may not have the resources to do this level of risk assessment, there are common-sense security steps that any home-based business owner can and should take.

BACK IT UP
First and foremost, if you know which data is important to you, back it up and do it right now. You can use many different media devices such as a CD, a DVD, a tape, an external hard drive, a flash card or thumb drive. It doesn’t really matter what you use, just back up your data and do it often or at least on a regular basis. Store a copy of that data in a secure, off-site location if at all possible. Having data backed up for recovery if you accidentally delete something is great, but if your house burns down and your backup burns with it, your business is toast too.

“LOCK” IT UP
Next, recognize that there people out there trying to break into your computer to see if you have data worth stealing (bank account information, customer data, medical records, etc.). It’s up to you not to let them. Also realize that there are others that may want to steal your computer online without you even knowing it.

Hijacking computers to use as “BotNets” is big business today. Combining your PC with the power of thousands of other victim’s PCs will result in one very powerful network that an unscrupulous person can wield to bring down an entire corporation with a massive influx of network traffic called a “denial of service (DOS) attack”. Protecting oneself against these kinds of acts requires knowledge of how to appropriately set your network parameters, and possibly use a firewall, anti-virus and anti-spam software. Some products are free while others can be quite expensive. You may need some help with this one, but there are plenty of local, trustworthy computer service companies out there that can help you at a very reasonable cost.

USE VALUABLE BUILT-INS
Another thing home based businesses can do is actually USE the security features that come with the computer. Operating systems on PCs and servers today come with very robust security controls and features. Unfortunately, many people choose to bypass these features because they are a hassle to implement and maintain. This is probably the biggest mistake that a business can make. These security controls can protect the computer from unauthorized access, creating a firewall that will protect you from the outside threats. Properly implementing and maintaining the built-in security systems of the computers, network routers and other applications you buy (like QuickBooks or PeachTree) are essential to protecting your data and your business.

ENCRYPT IT
Mobile computing for the home based business offers additional flexibility, but unfortunately brings more concerns. The use of laptop computers, Blackberries and Treos certainly allows for computing in more that just an office setting, and for many small businesses they are a requirement. It is important to recognize the additional vulnerabilities that come with using these tools. Laptops are often stolen or lost, and if that happens, your business data is gone as well. Having data encrypted on mobile devices makes sense and protects your information from others that do not have the key to decrypt. There is free encryption software out there that can help, like PGP Freeware, File Waster and CryptMage to name a few. Using wireless (WiFi) networks to go online also could expose you to “data sniffing” as your information may be floating unencrypted in the space around you. Someone with the knowledge and proper software on their laptop can simply pluck it out of the air.

DENY ACCESS
Lastly, keep others that are not actually conducting your business functions off your computer. You cannot allow friends and family to have unfettered access to your home based business computer. A significant amount of damage is done to home business computers accidentally, most frequently by children and their friends playing around on the business computer. First, lock the computer in an office area that is “off limits” to anyone not helping with the business. Then use the login/logout features after creating a user account for the business. Also, be sure that the administrator password has been changed.

Even if implementing some of the suggestions above are beyond your technological skills or comfort level, they can easily be accomplished with the help of local vendors that specialize in providing computer services. After an initial setup of the security features, a brief training session is usually sufficient to enable the owner to make small setting adjustments or determine when they need to call the vendor back for assistance.

So don’t wait… start making your homebased computer and data more secure TODAY!

 Questions, comments on this Hot Tip?  Email support@asnnotary.org