If you are an IT Manager—or if you hope to become one—overseeing your organisation’s online security will be a big part of your job description. In the era of cloud computing, digitisation of information, and the computerisation of organisational operations, online security has become a number one concern for companies worldwide.
To help you understand the basics of online security, this guide covers the following topics:
- Basic network security
- Malware protection
- E-mail security
- Cloud security
- Other responsibilities
Basic network security
Office computers are usually linked to one another through a LAN (local area network), enabling them to communicate and to exchange data freely. This network then plugs into a larger global network whenever internet access is enabled. This kind of access to the outside world flows both ways, however, and causes a certain degree of vulnerability to a company’s own network and systems.
As an IT Manager, it will be your responsibility to prevent unauthorised access or misuse of your organisation’s computer network or network resources via the internet. This can mean the prevention of malicious hacking, denial of service attacks, and data interception, as well as things like blocking employees from accessing their work computers from home.
Your responsibilities may include:
- Managing user authentication and ensuring that only validated users have access to the network
- Regularly auditing system activities
- Configuring network settings to manage network access and minimise vulnerability
- Implementing data encryption (if confidentiality and data protection is a priority)
- Installing firewalls and intrusion detection software
- Ensuring that employees select strong passwords (and change them regularly)
- Ensuring physical security in terms of hardware and network setup
Imagine that when you arrive at the office one morning, you switch on your computer to discover that all your computer files are locked and that you have to pay a large sum of money into an anonymous bank account to unlock them! This situation is caused by a kind of malware (malicious software) called ransomware. Ransomware can infect files across a whole network of computers if just one employee makes the mistake of downloading an infected file.
There are thousands of different kinds of malware and computer viruses out there that can disrupt your organisation’s network. Some—like ransomware—are extremely malicious, while others—like adware—merely slow down a computer by flooding it with irritating pop-up ads.
As an IT manager, it will be your responsibility to make sure that your network is protected against these kinds of invasive programs. Employees can unsuspectingly download an infected file, so it is your responsibility to:
- Keep all the computers’ operating systems updated
- Install good internet security and anti-virus software on all computers
- Install firewalls that will prevent employees from accessing untrustworthy websites and files
- Keep all your security systems up to date
- Make sure regular virus scans are done on all the systems
Viruses can also be spread via e-mails. But this isn’t the only risk that e-mails pose to a company’s online security. E-mails can be hacked, be a source of scams and fraud, and cause data leaks.
As an IT manager, it will be your responsibility to make sure that employees’ e-mail accounts are secure and protected. You will need to:
- Make sure all e-mail accounts are set up on a company server
- Install e-mail security software, and make sure it’s updated regularly
- Optimise content blocking and identity protection e-mail settings
- Install e-mail encryption software or plugins (if confidentiality is a priority)
Cloud computing has taken over the world of work. Most companies and professionals now use one form or another of cloud storage or software – whether it’s Dropbox, Google Docs, or more substantive cloud-based software packages.
Cloud computing essentially means that instead of storing data on your computer hard drive, you store it on a remote server and access it via the internet. This poses a unique threat, however, as files can be intercepted or tampered with by malicious parties.
As an IT manager, it will be your responsibility to contract a trustworthy cloud computing service provider, as well as to:
- Determine the processes whereby employees use the cloud-based services
- Manage security concerns
- Liaise with service providers
An IT manager’s duties do not end with the technical concerns of online security, but also include:
- Writing a company code or guide for safe internet usage
- Training employees on correct internet usage
- Liaising with third-party service providers
- Managing software subscriptions
- Reporting on security vulnerabilities
- Managing and responding to security breaches and incidents
Start your career in IT management
Becoming an IT department manager is one of the best career moves you can make. Every organisation across every sector increasingly relies on computerised and digital processes. This is why there will be a continuously growing demand for professionals in this field—especially professionals with a good handle on online security.
But you can’t just step into management—you have to start with the right training, qualifications, and experience. So why not get your start in the IT industry by completing a part-time computer studies course from home?