Printer Friendly

The 10 commandments of data security.

The 10 Commandments of Data Security

I recently asked executives I work with what they believe to be the number one concern about using PCs. It was no contest: Security won hands down. So, with all due respect to the original author, I came up with the following 10 commandments. They may not be foolproof, but if security is what you want, they offer some simple tips to lessen your risk of data loss. 1. Back up your system daily. All computers come with a feature that allows you to copy everything in the computer onto a separate data diskette (or tape). The purpose, of course, is to use this backup as a safety net in case the original data are destroyed.

There is an old data processing saying, "If it's worth entering, it's worth backing up." Without backups, there is no data security. Too many people learn this bitter lesson after the disaster. 2. Keep a copy of your backup off site. What if your building burns down? What if your backup was sitting next to your PC? I keep my backups in a bank vault across town. If the association and the bank ever burn down on the same day, I'm in big trouble. 3. Keep on-site backups under lock and key. If someone wants to steal your data, the easiest way is to run off with a backup of your system. Why help the thief by doing the work for him or her. That's exactly, what you may do if you leave your backups out in the open. I keep my on-site backups in a locked file drawer. 4. Test your system of backup. Almost every data processing veteran has a war story about faithfully making backups only to find out the copies were defective. I'll tell you mine sometime. Come to think of it, I just did. It is good practice to do a "test restore" once in awhile to make sure you can recover when (not if) disaster strikes. 5. Beware of shareware. The name shareware is given to legal shared software. Illegal shared software is generally called pirated software. Shareware and pirated software are far and away the main sources of computer viruses, which are programs whose only purpose is to destroy data. It's tempting to use shareware; I use it myself. If you use shareware, just be certain you are getting it from a reputable source, or avoid it altogether. In my experience, both Compuserve and PC MagNet are reputable shareware sources.

Certain software - both shareware and commercial software - offers a degree of protection against viruses. However, consider the now-famous story of the health care company near Chicago that installed a shareware package to protect against last year's dreaded "Datacrime '89" virus. You guessed it, the shareware package was contaminated with the virus. 6. Use passwords. The simple precaution of using passwords can save you a lot of headaches. Some tips for foiling the hackers: Don't use English words (most password-cracking routines use an English dictionary) and don't use your initials, your spouse's name, your dog's name, or any other word that a hacker could easily figure out. 7. Do not share passwords. I can't count the times I've walked into offices and seen passwords posted above a computer screen. Smart, 'eh? Each individual should have his or her own password. Managers should insist that users not share passwords. The minute one user shares a password with another, security has been broken. Passwords for groups of people are also security risks. 8. Change passwords frequently. The more frequently passwords are changed, the less likely it is a stolen password will be used. Also, always remove an employee's password when he or she leaves. 9. Watch your modem. If you have a modem attached to your system, the outside world can get to you. You can minimize the risk of intrusions by turning the modem off when it is not in use and by having a system that is smart enough to recognize the caller's phone number.

Some systems are even programmed to receive a call; then they call users back at designated phone numbers. This means only people at selected phone numbers can get into your system. 10. Be alert. For example, if you think someone is trying to steal your mailing list and you see one of your employees carrying boxes of diskettes home, ask questions.

Somebody once pointed out that what Moses brought down from the mountain was the Ten Suggestions, not the Ten Commandments. Perhaps what I have outlined here would more aptly be called the 10 suggestions for data security. Nothing is foolproof, but following these guidelines will help.

Steven L. Harrison is director of information management systems at the American Nurses' Association, Inc., Kansas City, Missouri.
COPYRIGHT 1991 American Society of Association Executives
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 1991, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Printer friendly Cite/link Email Feedback
Author:Harrison, Steven L.
Publication:Association Management
Article Type:column
Date:Mar 1, 1991
Previous Article:The European connection.
Next Article:Growing pains.

Related Articles
Pious display.
Charleston Council's Commandments plaque endorses religion, state court rules.
I Am Zipporah.
Colo. County School Board Rejects Overture To Post `In God We Trust'.
The issue at hand.
'Commandments judge' Moore soundly defeated in Alabama primary.
Document of dedication.

Terms of use | Copyright © 2017 Farlex, Inc. | Feedback | For webmasters