Is the EU in a Position to Achieve Its i2010 Goals?

How good are your IT management practices?

For IT experts this list serves as a reminder to seek any gaps in the way your IT infrastructure is protected. For the non-expert it acts as a checklist when consulting advisors and suppliers.

- A large amount of any businesses' data, including documents, spreadsheets and email, end up stored on the local drives of employees' PCs. Make sure you have a regular routine in place for backing this data up to a central location. There are products that can fully automate this and will run on current and past versions of Microsoft Windows and other desktop operating systems.

- This needs to include laptop PCs, either as soon as they re-attach to the internal network or remotely over the internet. Remote backups are not impractical, good backup software will just look for recent changes. Backing up to a local disk does not always protect against theft (unless the user is diligent in keeping the storage disks and PC separate).

- The reason for doing this is because of the high failure rate of PCs. All too often this will not be due to a hardware failure but an operational failure caused by mal-ware or other misuse. Help minimise this by ensuring that all PCs are protected by anti-virus software. This needs to be kept up to date automatically, which requires an annual subscription. Most anti-virus products will run on current and past versions of Microsoft Windows and other desktop operating systems.

- Many anti-virus vendors now also have an anti-spyware offering that checks PCs for software that has been inadvertently downloaded while browsing the web. Spyware is an invasion of privacy but more importantly it can degrade the performance of already overworked PCs.

- Once PCs have been backed up to a central location, this data too needs to be backed up, along with any other data stored at that location. For many SMBs this will be a server set aside for ad-hoc storage and backup. If you have no need for a server, use a separate network attached storage device.

Such devices can be purchased for little cost these days and have huge capacity.

- Ensure you also take copies of these central backups off site, for protection against fire etc.

- Server failure can also be caused by viruses and other mal-ware, so make sure they are also protected by anti-virus software. Most anti-virus products run on the different operating systems used by SMBs.

- When considering new applications, consider hosted solutions as an alternative to running them in house. A third party will have the expertise to provide secure communications across the internet and will take care of the backup of data under their management.

- If you already outsource email management, check your supplier's ability to filter spam, viruses and phishing emails (those pretending to be from banks etc.). If you manage email in house ensure you have this capability.

- Wherever your internet connection enters the organisation make sure it is protected by a firewall that includes intrusion prevention software. Intrusions such as worms target operating systems and common applications like databases.

- Upgrades are disruptive and for many it is too impractical and expensive to install them all. But patches, which fix known problems, serve an important role. Installing patches is not half as disruptive as a major IT failure. Virus writers and worm writers usually target software vulnerabilities once they have been identified by the vendor. The highest risk period is between the vendor announcing the problem and the patch being installed. Patches are provided for free (unlike many upgrades) and their installation can be automated.