INTRODUCTION

Data security should be an important area of concern for every small-business owner. When you
consider all the important data you store virtually from financial records, to customers' private
information it's not hard to see why one breach could seriously damage your business

.Computer labs, or computer clusters, give many people access to computer programs and the
Internet. Schools, public libraries, hotels and government offices and companies set up computer
labs that contain a large quantity of computers, printers, scanners and other equipment. These
computers are usually hooked up to a central server and maintained by an IT Department. Lab
computers are used often by people with varying degrees of computer training. This means they
are at risk from viruses, corrupt files, spyware and malfunction. You must maintain lab computers
regularly in order to ensure that they don't crash prematurely. Computer lab maintenance
procedures may differ slightly depending upon whether you have Apple or PC computers.
Five Timesaving Tips for Computer Lab Managers Reduce maintenance hassles on public
machines.

Operating a computer lab can be a balancing act. Your patrons may benefit enormously from
having free or low-cost access to computers, but keeping those machines running can demand a lot
of time and energy. Tasks such as configuring new equipment, restoring system settings, and
ensuring that users are exercising safe Web-surfing habits can eat up much of a given workweek.
This can be particularly inconvenient for short-staffed organizations that lack a full-time IT
professional. Thankfully, there are a few steps you can take to streamline the process of
maintaining and servicing your public computers without sacrificing system performance or an
excessive amount of your staff's time. The following tips explain a handful of ways you can help
keep your lab running smoothly, even when time is at a premium. Note that while the tips below
may require a fairly significant amount of implementation time upfront, this initial investment can
save your staff many hours of work down the road.

he business need to be protected against hackers that is cyber security.Today, virtually all
businesses collect personal information about customers, employees and others. This information
is valuable to hackers – evidenced by the increasing frequency and severity of data breaches
across the globe. Big businesses are not the only ones who are vulnerable. Small and medium-
sized businesses with fewer data security resources are often targets for cybercriminals. In fact,
research we've conducted with the Ponemon Institute shows that more than half have experienced
a data breach and nearly three out of four report they can't restore all their data. The good news is
that businesses can take steps to protect themselves from destructive cyber intrusions. To preempt
hacking activity, you must think like a hacker.

DEFINATION OF TERMS:
Computer
Organisation
Authorities
Computer lab

BODY
Physical security measures that an organisation should take.

Lock up the server room

Even before you lock down the servers, in fact, before you even turn them on for the first time,
you should ensure that there are good locks on the server room door. Of course, the best lock in
the world does no good if it isn't used, so you also need policies requiring that those doors be
locked any time the room is unoccupied, and the policies should set out who has the key or
keycode to get in. The server room is the heart of your physical network, and someone with
physical access to the servers, switches, routers, cables and other devices in that room can do
enormous damage.

Set up surveillance
Locking the door to the server room is a good first step, but someone could break in, or someone
who has authorized access could misuse that authority. You need a way to know who goes in and
out and when. A log book for signing in and out is the most elemental way to accomplish this, but
it has a lot of drawbacks. A person with malicious intent is likely to just bypass it. A better solution
than the log book is an authentication system incorporated into the locking devices, so that a smart
card, token, or biometric scan is required to unlock the doors, and a record is made of the identity
of each person who enters. A video surveillance camera, placed in a location that makes it difficult
to tamper with or disable (or even to find) but gives a good view of persons entering and leaving
should supplement the log book or electronic access system. Surveillance cams can monitor
continuously, or they can use motion detection technology to record only when someone is
moving about. They can even be set up to send e-mail or cell phone notification if motion is
detected when it shouldn't be (such as after hours).

Make sure the most vulnerable devices are in that locked room
Remember, it's not just the servers you have to worry about. A hacker can plug a laptop into a hub
and use sniffer software to capture data traveling across the network. Make sure that as řmany of
your network devices as possible are in that locked room, or if they need to be in a different area,
in a locked closet elsewhere in the building.

Use rack mount servers

Rack mount servers not only take up less server room real estate; they are also easier to secure.
Although smaller and arguably lighter than (some) tower systems, they can easily be locked into
closed racks that, once loaded with several servers, can then be bolted to the floor, making the
entire package almost impossible to move, much less to steal.

Don't forget the workstations

Downloads provided by SolarWinds Hackers can use any unsecured computer that's connected to
the network to access or delete information that's important to your business. Workstations at
unoccupied desks or in empty offices (such as those used by employees who are on vacation or
have left the company and not yet been replaced) or at locations easily accessible to outsiders,
such as the front receptionist's desk, are particularly vulnerable. Remove computers that aren't
being used and/or lock the doors of empty offices, including those that are temporarily empty
while an employee is at lunch or out sick. Equip computers that must remain in open areas,
sometimes out of view of employees, with smart card or biometric readers so that it's more
difficult for unauthorized persons to log on.

Keep intruders from opening the case

Both servers and workstations should be protected from thieves who can open the case and grab
the hard drive. It's much easier to make off with a hard disk in your pocket than to carry a full
tower off the premises. Many computers come with case locks to prevent opening the case without
a key. You can get locking kits from a variety of sources for very low cost, such as the one at
Innovative Security Products.

Protect the portables

Laptops and handheld computers pose special physical security risks. A thief can easily steal the
entire computer, including any data stored on its disk as well as network logon passwords that may
be saved. If employees use laptops at their desks, they should take them with them when they
leave or secure them to a permanent fixture with a cable lock. They can be locked in a drawer or
safe or just slipped into a pocket and carried on your person when you leave the area. Motion
sensing alarms such as the one at SecurityKit.com are also available to alert you if your portable is
moved. For portables that contain sensitive information, full disk encryption, biometric readers,
and software that "phones home" if the stolen laptop connects to the Internet can supplement
physical precautions.

Pack up the backups

Backing up important data is an essential element in disaster recovery, but don't forget that the
information on those backup tapes, disks, or discs can be stolen and used by someone outside the
company. Many IT administrators keep the backups next to the server in the server room. They
should be locked in a drawer or safe at the very least. Ideally, a set of backups should be kept off
site, and you must take care to ensure that they are secured in that offsite location. Don't overlook
the fact that some workers may back up their work on floppy disks, USB keys, or external hard
disks. If this practice is allowed or encouraged, be sure to have policies requiring that the backups
be locked up at all times.

Disable the drives

The Modernization of Selling Videos provided by Microsoft Corporation. If you don't want
employees copying company information to removable media, you can disable or remove floppy
drives, USB ports, and other means of connecting external drives. Simply disconnecting the cables
may not deter technically workers. Some organizations go so far as to fill ports with glue or other
substances to permanently prevent their use, although there are software mechanisms that disallow
it. Disk locks, such as the one at SecurityKit.com, can be inserted into floppy drives on those
computers that still have them to lock out other diskettes.
Protect your printers
You might not think about printers posing a security risk, but many of today's printers store
document contents in their own on-board memories. If a hacker steals the printer and accesses that
memory, he or she may be able to make copies of recently printed documents. Printers, like
servers and workstations that store important information, should be located in secure locations
and bolted down so nobody can walk off with them. Also think about the physical security of
documents that workers print out, especially extra copies or copies that don't print perfectly and
may be just abandoned at the printer or thrown intact into the trash can where they can be
retrieved. It's best to implement a policy of immediately shredding any unwanted printed
documents, even those that don't contain confidential information. This establishes a habit and
frees the end user of the responsibility for determining whether a document should be shredded.

Summary
Remember that network security starts at the physical level. All the firewalls in the world won't
stop an intruder who is able to gain physical access to your network and computers, so lock up as
well as lock down.

Business data need to be protected. Data-Security Measures you can't do without. Using these
simple methods can protect your business and your peace of mind. Also the business can growup.

Data security should be an important area of concern for every small-business owner. When you
consider all the important data you store virtually from financial records, to customers' private
information it's not hard to see why one breach could seriously damage your business.Here are the
tips for data security measures:

Establish strong passwords

Implementing strong passwords is the easiest thing you can do to strengthen your security. Use a
combination of capital and lower-case letters, numbers and symbols and make it 8 to 12 characters
long. According to Microsoft , you should definitely avoid using: any personal data (such as your
birthdate), common words spelled backwards and sequences of characters or numbers, or those
that are close together on the keyboard. Use their convenient password checker to see how strong
yours is. As for how often you should change your password, the industry standard is "every 90
days," but don't hesitate to do it more frequently if your data is highly-sensitive. Another key:
make sure every individual has their own username and password for any login system, from
desktops to your CMS. "Never just use one shared password. And finally, "Never write it down!.

Put up a strong firewall

In order to have a properly protected network, "firewalls are a must. A firewall protects your
network by controlling internet traffic coming into and flowing out of your business. They're
pretty standard across the board, recommends any of the major brands.

Install antivirus protection

Antivirus and anti-malware software are essentials in your arsenal of online security weapons, as
well. "They're the last line of defense" should an unwanted attack get through to your network,
Update your programs regularly
Making sure your computer's are "properly patched and updated" is a necessary step towards
being fully protected; there's little point in installing all this great software if you're not going to
maintain it right. "Your security applications are only as good as their most recent update. "While
applications are not 100 percent fool-proof, it is important to regularly update these tools to help
keep your users safe." Frequently updating your programs keeps you up-to-date on any recent
issues or holes that programmers have fixed.

Secure your laptops

Because of their portable nature, laptops are at a higher risk of being lost or stolen than average
company desktops. It's important to take some extra steps to make certain your sensitive data is
protected. Encrypt your laptop. It's the easiest thing to do." Encryption software changes the way
information looks on the harddrive so that, without the correct password, it can't be read. Clou
Also the importance of never, ever leaving your laptop in your car, where it's an easy target for
thieves. If you must, lock it in your trunk.

Secure your mobile phones

Smartphones hold so much data these days that you should consider them almost as valuable as
company computers and they're much more easily lost or stolen. As such, securing them is
another must.

Backup regularly
Scheduling regular backups to an external hard drive, or in the cloud, is a painless way to ensure
that all your data is stored safely. The general rule of thumb for backups: servers should have a
complete backup weekly, and incremental backups every night; personal computers should also be
backed up completely every week, but you can do incremental backups every few days if you like
("however long you could live without your data Getting your data compromised is a painful
experience having it all backed up so you don't completely lose it will make it much less so.

Monitor diligently
"All this great technology is no good unless you actually use it. You have to have someone be
accountable for it. One good monitoring tool is data-leakage prevention software, which is set up
at key network touchpoints to look for specific information coming out of your internal network. It
can be configured to look for credit card numbers, pieces of code, or any bits of information
relevant to your business that would indicate a breach. If you don't monitor things, warns "it's a
waste of time and a waste of resources." And you won't know that you've been compromised until
it's far too late.

Be careful with e-mail,

IM and surfing the Web It's not uncommon for a unsuspecting employee to click on a link or
download an attachment that they believe is harmless only to discover they've been infected with a
nasty virus, or worse. "Links are the numbers one way that malware ends up on computers, "Links
are bad!" As such, never click on a link that you weren't expecting or you don't know the
origination of in an e-mail or IM. You have to "be smart when surfing the Web. "You should take
every "warning box" that appears on your screen seriously and understand that every new piece of
software comes with its own set of security vulnerabilities."

Educate your employees

Teaching your employees about safe online habits and proactive defense is crucial. "Educating
them about what they are doing and why it is dangerous is a more effective strategy than expecting
your IT security staff to constantly react to end users’ bad decisions. It's not easy: "One of the most
difficult things to do is protect end users against themselves. But ultimately, prevention is the best
approach to handling your data security. Make sure your employees understand how important
your company's data is, and all the measures they can take to protect it.

Time is very important in an organisation. The following are five timesaving tips for Computer
Lab Managers. It reduces maintenance hassles on public machines. Therefore the following should
be implemented.

Operating a computer lab can be a balancing act. Your patrons may benefit enormously from
having free or low-cost access to computers, but keeping those machines running can demand a lot
of time and energy. Tasks such as configuring new equipment, restoring system settings, and
ensuring that users are exercising safe Web-surfing habits can eat up much of a given workweek.
This can be particularly inconvenient for short-staffed organizations that lack a full-time IT
professional. Thankfully, there are a few steps you can take to streamline the process of
maintaining and servicing your public computers without sacrificing system performance or an
excessive amount of your staff's time. The following tips explain a handful of ways you can help
keep your lab running smoothly, even when time is at a premium. Note that while the tips below
may require a fairly significant amount of implementation time upfront, this initial investment can
save your staff many hours of work down the road.

Implement disk-protection measures.

Depending on your program goals for the public access computers, you may want to allow your
users to download and install software they might need, change the screen resolution for a better
view, or create new files, you also want to minimize the time your staff spends removing software,
restoring system settings, or cleaning up spyware that users have accidentally downloaded. One
solution that can help you achieve a happy medium is to use disk-protection software, applications
that allow administrators to quickly restore a computer to its original configuration. Disk-
protection programs essentially take a snapshot of a system in its clean state, without placing any
restrictions on what users can and cannot do. Once the administrator reboots the computer, all of
the computer's settings will return to the default configuration, overriding any changes a user has
purposefully (or inadvertently) made. Examples of commercial disk-protection programs include
products such as Faronics Deep Freeze (about $20 per license for nonprofits and libraries);
Centurion DriveShield Plus (contact company for library and educational pricing structures); and
Fortres Clean Slate (contact company for pricing information). Alternatively, labs already running
Microsoft XP computers can take advantage of Windows SteadyState , a free tool from Microsoft
to help maintain and protect shared computers. In addition to disk protection, it offers other
patron-management features, which you can learn more about on Microsoft's Web site. If you need
other features like antivirus protection and system-diagnostic tools, you might investigate Norton
Systemworks 10 (available to qualifying nonprofits from TechSoup Stock at the rate of $75 for 10
licenses). Finally, if you can't find a disk-protection solution that fits your needs or budgets, you
might want to experiment with Windows' built-in User Accounts tool, which allows you to restrict
users from changing system settings or installing applications.

Reduce setup times with cloning software.

Whether your organization is setting up its first computer lab or simply replacing your old
machines with newer models, installing operating systems, software, and hardware drivers on
dozens of machines can consume days of your time. However, you may be able to save yourself a
substantial amount of system-setup time through a process known as cloning. Cloning involves
using a piece of specialized software to copy one system's configuration and settings so they can
quickly be installed on other machines. In the case of a complete system crash, cloning may also
be a faster way to get a computer back up and running than performing multiple troubleshooting
techniques. It's important to note that, when cloning a system, you should take care to ensure that
the original configuration is to your liking, since all other computers you clone will be exact
reproductions of the original. For a more detailed look at cloning and cloning software, read
TechSoup's article Cloning: A Fast, Easy Way to Set Up Multiple Computers.

Automate maintenance tasks when possible.

Although disk-protection software can save you maintenance time by allowing you to undo any
changes users have made to the computer, these types of programs may be too expensive or too
complex for labs with very few resources. If you decide that disk-protection software is not a
feasible option for your lab, you may want to set up a regular maintenance schedule and explore
ways to automate maintenance tasks. For instance, Windows 98 and later operating systems
include a Scheduled Tasks feature that lets you automate certain functions or applications to run at
a specific daily time or when the administrator boots up the computer. So, you might choose to run
Windows' Disk Cleanup utility every night at 2 a.m. when your computers are not in use, or you
may schedule Windows to automatically search for updates each time the computer is started. To
access the Scheduled Tasks feature, click Start > Control Panel > Scheduled Tasks; double-click
Add Scheduled Task, then click Next. (The items that appear in the list include all of the programs
on the operating system, including tools to protect and back up your system.) A wizard will walk
you through the process of choosing a utility from the list and scheduling it to run. Labs without
disk-protection software might also want to consider scheduling other programs on their
computers to run at regular intervals. For instance, many anti-spyware applications let you
automate scans at system startup, a good way to make sure your machines are clean at the
beginning of each day. Many disk-defragmentation utilities also let you schedule clean-ups at
periodic intervals. To determine whether an application supports scheduling, consult its bundled
help files or the manufacturer's Website. Note that, regardless of whether you've installed disk-
protection software or plan to manually maintain the computers, you should not neglect to equip
your machines with antivirus software. If you need some advice on where to find antivirus
software, visit TechSoup's Virus-Prevention Toolkit.
Employ some form of content filtering.
If minors frequently use your computer lab, allowing them unrestricted access to the Internet
means that there's a good chance they could encounter pornography, profanity, or other content
that their parents might object to. Even if your patrons are mainly adults, you may still find it
useful to restrict access to certain types of online content, as this may help reduce your liability.
One way to prevent the flow of objectionable material over your computers without having to
spend time manually policing users is to install a content filter, a piece of hardware or software
that restricts access to certain types of material and Web sites. Generally, content filters block sites
according to category (such as pornography, extreme violence, and hate speech), though many can
also restrict specific sites or pages containing administrator-specified keywords. Note, however,
that content filters have their share of both pros and cons, as well as a fair number of advocates
and critics. For a more in-depth look at content-filtering technology in general, read TechSoup's
articles Understanding Content Filtering: An FAQ for Nonprofits and Content-Filtering Tools: An
FAQ for Nonprofits.

Use remote-access software to speed tech-support requests.

If your lab is part of an organization or library system that has branches spread out across a
geographical area, you may not always receive quick resolutions to your tech-support requests,
since IT staffers might have to travel in order to service your computers in person. To overcome
this potential obstacle, consider a remote-access application, a program that allows a computer in
one location to connect to a computer in another location, no matter how far apart the machines
physically are. Remote-access software allows an IT staffer to connect to one of your labs'
machines either via your organization's own network or the Internet — and take control of the
computer in order to perform tasks such as scanning for viruses, installing software updates, and
troubleshooting. For more detailed information on how remote-access software works and what
features to look for in a program, read TechSoup's article Hands-On Tech Support from Afar,
which compares five applications that work across multiple platforms. With the right combination
of software and the knowledge of a few key best practices, you can keep your public computers
running smoothly without excessively draining your time. Best of all, a computer lab that stays in
good working order will also help to keep its constituents happy, an ideal situation for everyone
involved.

The business computer lab need to be maintained regulary. The following are some of the tips you
can implememt inoder to maintain the computer lab. The computer lab should stay clean. Here are
the tips.

Establish the perimeters of your computer lab according to your organization's rules.
You may need to decide what search terms or websites you want to deny to your lab users. You
will also want to establish the criteria for your firewall. Seek the help of an IT service or IT
department, if you are not knowledgeable about computers. Ask the users to seek the help of the
administrator or IT staff if they have a problem.

Post a "Computer Lab Rules" sheet that clearly states computer lab restrictions.
These may include prohibition of food and drink, downloading software, opening attachments,
removal of equipment, access to illicit sites and more. Many labs maintain that anyone caught
breaking the rules is removed from the premises. Plug all your computer equipment into a surge
protector. Spikes and surges in electrical power can break or damage electrical equipment, as well
as lose lab users' data. This is especially important in country computer labs and places that are
prone to lightning storms.

Set up a firewall.
This is a protections system for your computer lab. Choose a network layer firewall that will deny
access to sites or programs that don't fit into the acceptable criteria you have chosen.

Set up weekly updates or automatic updates for your lab computers.

Many computer programs, such as Microsoft Office Suite, update their software and protection
regularly. You will want to schedule these updates for a time when the computers are not in public
use, and you may be able to do them from 1 central computer.

Install an anti-virus program on the computers and/or network.

This will usually stop a program from downloading if it suspects a virus. You can run daily or
weekly reports on the computers to check more carefully for viruses.

Install an anti-spyware program on your computers and/or network.

Spyware programs install themselves onto computers to gather personal information. Anti-
spyware programs can stop these harmful programs from corrupting or filling up your computer.
Some computer labs choose to download a spyware program purposefully onto their lab
computers. These programs are sometimes called "keyloggers," and they can gather data about
how the lab computers are being used for the system administrators. Anti-virus and anti-spyware
programs are especially important for Windows operating systems. Schedule scans on both
programs every week. Apple computers have been less susceptible to viruses in the past; however,
they are increasingly under threat.

Back up your computers on a regular basis.

If your computer lab becomes corrupted by a virus, you can return to the previous backup to
restore it.

Use the hard disc cleanup and defragmentation utilities regularly.

These Windows utilities regularly remove temporary files and keep the hard drive from
fragmenting. If done on a weekly basis, the processes will be shorter than if you do it on a
monthly basis. Go to "My Computer" and right click on the "Local Disk" icon. Under "Properties"
select "Disc Cleanup."

Do not unplug printers, scanners and other connected machines when the computers are on. Eject
any USB devices before unplugging them. You may need to post this on your "Lab Rules."

Turn off all computers by selecting the shut down option on the desktop.
The business need to be protected from hackers. The following are some of the suggestion you
might consider to prevent hacker from your data and information. These suggestions might be
usefull in keeping you happy and stress free.

Think beyond passwords:

Never reuse them and don't trust any website to store them securely. To increase the level of
security, set up a two-factor authentication for all your online business accounts. This
authentication relies on something only you should know (your password) and authenticates
something only you should have (typically your phone) to verify your identity.

Stop transmission of data that is not encrypted:

Mandate encryption of all data. This includes data at "rest" and "in motion." Consider encrypting
email within your company in personal information is transmitted. Avoid using WiFi networks, as
they may permit interception of data.

Outsource payment processing:

Avoid handling credit card data on your own. Reputable vendors, whether it's for point-of-sale or
web payments, have dedicated security staff that can protect data better than you can.

Separate social media activity from financial activity:

Use a dedicated device for online banking and other financial activities, and a different device for
email and social media. Otherwise, just visiting one infected social site could compromise your
banking machine and sensitive business accounts.

"Clean house" and update procedures:

Evaluate your assets and valuable data to identify where your organization is most at risk. It's
important to reduce the volume of information you keep on hand (only keep what you need!) and
properly destroy all paper documents, CDs/DVDs and disks before disposal. Consider assessing
your business's email infrastructure, browser vulnerability, and ID system. Do not use Social
Insurance Numbers as employee ID numbers or client account numbers. You should also question
the security posture of your business lines, vendors, suppliers or partners.

Secure your browser:

Watering holes – malicious code installed on trusted websites – are a common method of attack
against businesses. How do you know which websites to trust? Focus on keeping up-to-date with
the latest version of your browser. Then, test your browser configuration for weakness.

Secure your computers and operating system:

Implement password protection and "time out" functions (requires re-login after period of
inactivity) for all business computers. Require strong passwords that must be changed on a regular
basis. Also be sure to update all operating systems, which have major security improvements
baked in. It's far easier to break into older operating systems like Windows XP or OS X 10.6
Secure your internet router:
Make sure someone can't intercept all the data sent through it. Consider configuring your wireless
network so the Service Set Identifier (SSID) – the name the wireless network broadcasts to
identify itself is hidden.

Safeguard and back up your data:

Lock physical records containing private information in a secure location and create backups.
These should be encrypted and off-site in case there's a fire or burglary.

Educate and train employees:

Establish a written policy about data security, and communicate it to all employees. Educate them
about what types of information are sensitive or confidential and what their responsibilities are to
protect that data. In addition, restrict employee usage of computers for only business purposes. Do
not permit use of file sharing peer-to-peer websites or software applications and block access to
inappropriate websites. It's important to remember that no business is "too small" for a hacker, all
businesses are vulnerable.

The sooner you can get ahead of potential hacking activity, using the above steps, the sooner
you'll be prepared to thwart, mitigate and manage a data breach.