If you run a small business, you may be operating its network like you operate your home network. You don't want to do this with all of your critical business information at stake. Here's a security baseline for small business:

* Physical access to servers, backup, and network equipment is restricted and controlled.
* Backup power sufficient to allow for graceful shutdown of servers is in place.
* The local network is isolated from the Internet by a hardware UTM device, firewall, or NAT router.
* If wireless access is in use, security is applied, preferably WPA or WPA2 with AES encryption.
* File servers are protected by appropriate anti-malware applications.
* Mail servers are protected by anti-spam software or this is implemented at the gateway.
* Password policy requires strong passwords, frequent changes, and is enforced.
* Desktops use screen savers and they are password protected.
* Unless they are required to be left on for security scanning or backup purposes, desktops are powered down at night.
* Desktops have appropriate anti-malware applications installed.
* Company policy regarding appropriate use of the Internet is in place and enforced.
* Data is backed up and media is stored securely off-site.
* Encryption is implemented and in use for the storage of sensitive information.
* Procedure is in place for denying access to personnel upon termination of employment.

Read the full article over at my Security Corner blog: [url=http://itknowledgeexchange.techtarget.com/security-corner/security-baseline-for-small-businesses/:1yc2emyl]Security Baseline for Small Businesses[/url:1yc2emyl].

And while you're at it, check out my latest status as an expert author for Ezine Articles: [url=http://askthegeek.kennyhart.com/index.php/2009/03/13/new-articles-released-through-ezinearticles-site/:1yc2emyl]Articles Released at EzineArticles Site[/url:1yc2emyl].

By the way, let's play "Where is Dave?"