Security is important, especially when dealing with computers and the information they contain. Good security in the business sector covers many things. Proper policies and procedures for staff (security or otherwise), good surveillance systems, and good computer security practices such as strong passwords, encryption, and making sure to never leave a workstation unlocked when away from it. Security also covers the network the computers connect to inside the business, and the servers that separate the internal network from the Internet.
Proper security with staff starts with being wise to “social engineering.” One of the easiest ways for people to gain access to computers and other information is by duping staff into giving up information by pretending to be officials or maintenance staff. Having clear lines of communication and documentation of all the comings and goings into and out of the building will help a lot in reducing this. Proper surveillance systems will also help in this, especially if you do manage to have a breach of security.
Strong passwords and the use of encryption is another point of failure. A good password system will require the use of upper and lower case letters, numbers, and special characters. Taking it further would be a system that does not allow for dictionary words, names, or things like phone numbers, birth dates, social security numbers or similar words. Every different login on the system should require a different password. Reusing of passwords is not at all secure. Encryption of files is the next step.
Lastly, no computer should ever be left logged in unattended, even for just a few minutes. A workstation that is left logged in is ripe for the picking. There should also be a restricted policy on portable devices such as thumb drives, iPods, and other small storage devices. Nearly all of them can be used to store data and be concealed. This makes a very attractive vector for loss and theft of valuable data.