IT Tips: Security
Terminated Employees User IDs
When an employee who had any computer access is terminated, it's critical to block that access as soon as possible. However, instead of deleting their User ID on the system, try to deny access to the user. (Most systems have a switch to deny access but leave the User ID in place, or else you can simply change the user's password). Here are the reasons to Not delete the user immediately: 1) If there is or has been suspicious activity, it becomes important to know what areas the employee had access to and 2) when you hire the replacement (which probably occurs weeks later) it's important to review what the prior employee had access to, and determine if the new employee needs the same level or perhaps less until they pass a probation period. Both of those scenarios become impossible if you simply delete the User ID when the terminated employee walks out the door.
Computer Use Policy
- Establish a computer and communications systems usage policy for your dealership that covers the rules and procedures that employees must follow to use the dealership computer systems. Require employees to read and sign it each year. The policy should include discussion of the following topics:
- Ownership of systems and data
- Employee computer security responsibilities
- Use of passwords
- Antivirus software and practices
- Software licenses
- Physical security
- Privacy expectations (employer’s right to monitor)
- Acceptable use policies (business vs. personal use)
- Prohibited activities
- Policy violations
- Internet use policy
Security Mistakes to Avoid
- In order to manage and maintain dealership IT security, keep in mind the avoidable security mistakes that could potentially create breaches in your network security and create havoc in your dealership. Following are five frequent security mistakes that you as a dealer should know and avoid:
- Opening unsolicited e-mail attachments from unknown sources (most viruses are distributed in attachments).
- Failing to install security patches, especially for desktop PC operating systems (Windows), applications (MS Office), and browsers (Internet Explorer and Netscape)
- Installing screen savers or games from unknown sources (e.g., downloaded from the Internet)
- Failing to make and test backups of programs and data files
- Using a modem to access the Internet while it is attached to the LAN (opens up your entire LAN to hackers, bypassing the firewall)
- Protect your dealership network from intrusion from the Internet with a software or hardware firewall that works with a router to block potentially malicious traffic. This is a critical area, so get help if you need it to make sure you are protected from hackers.
- Install antivirus software on all desktop and laptop PC's, servers, gateways, and routers and keep the virus signature data files up to date by downloading them at least weekly. Aggressive use of antivirus software will reduce the chances of harm to an individual PC and can eliminate a virus before it infects many workstations. Configure the antivirus software so that it will scan all email messages and attachments, downloads, and file transfers from floppies and CD's for dangerous content automatically. Also set it up to perform a complete automatic system scan at least each month with no action by the user. Most importantly, ensure the antivirus software is installed so that users cannot disable it.
- For an additional level of protection, install an anti-virus appliance server on the outer edge of your network, preferably right behind the firewall, to catch viruses before they can infect any servers or workstations. This appliance should scan emails, web pages, file transfers, Java and ActiveX applets.
Backups and Offsite Storage
- Establish a schedule and process for full-volume and differential program and data file backups that are stored offsite. Ensure your system administrator has the skills to restore systems from the backup tapes and can run special backups on all systems immediately in case an intrusion is detected. Without good backups, small security breaches can become calamities — both in terms of financial loss and time wasted.
Remote Access and Modems
- Remote access to your dealership LAN should be enabled only through a controlled, secure remote access method that requires user ID and password verification.
- Don't allow modems to be installed on LAN-connected PC's, except as a backup on a particular PC when Internet connection cannot be made through the router. Install personal firewall software on this PC as a protection against intrusion.
General Security Tips
- Have your system administrator enable logging for important system level events and for services and proxies to create an audit trail; set up a log archiving facility. Systems without effective logging are blind and make it difficult to learn what happened during an attack.
- To check your security posture, have a computer security firm conduct an audit of your network to determine your exposure to intrusion, such as open ports.
- Keep your desktop, router, and server operating systems updated with the latest security patches.
- Use the user profiles and permissions capabilities of Windows XP and 2000 Professional to control what users can do on their PC's. Permissions are a powerful tool that can enhance your security and significantly reduce the amount of maintenance a PC requires.