Knowledge and vigilance: key ingredients to information security.

• Author: Reisz, Scott

When most firms think about security needs, items such as alarm systems, vaults, uniformed officers and armored cars come to mind.

As necessary as measures like these continue to be, the single biggest threat to your company's--and your clients'--security may be sitting right on your desk.

[ILLUSTRATION OMITTED]

Whether you're a corporate accountant, an independent contractor or work for a CPA firm, the network of computers and connections that make today's electronic marketplace so quick, convenient and cost-effective may be the pipeline for danger.

The names say it all. Viruses. Hackers. Worms. None sounds like the ingredient for a pleasant dream. Giving these destructive electronic evils access to your personal, company and client data is a recipe for disaster.

"Every office network must have a plan in place that secures information wherever it resides--on your computers, on your servers, in a PDA or on a smart phone," said Christopher Jenkins, chief technology strategist for The Ohio Society of CPAs.

"Your clients' data is one of your most valuable assets, and without a solid security plan, you risk that data every day--sometimes just by turning on the power."

Protecting your electronic assets doesn't require a security plan that would rival Fort Knox. It does, however, require some forethought, knowledge and vigilance.

[ILLUSTRATION OMITTED]

"Most clients I speak with are quick to tell me: 'We're not NASA,'" said Bill Owens, a certified information security manager (CISM) and business consultant with Dublin, Ohio-based information technology firm Affiliated Resource Group.

"And while they may not think they've got a lot to protect, their clients would probably disagree."

"I typically counsel companies to implement a security plan that makes them comfortable, then take it one step beyond that," Owens added.

"The additional security does mean they'll need a little more time to do the things they need to do, but when a breech happens--and it's not a matter of if, but when--they'll be far better protected and prepared to recover quickly."

Basic Measures

The first and most essential line of defense against electronic dangers is quality network administration, Jenkins said. If your computer, server, network or other device is set up correctly from the start, and gets regular updates, you're far less likely to fall victim to intrusions, he said.

"When you set up your system or install software, never, ever accept the defaults," Owens advises. "Allowing the manufacturer to set passwords and decide where to locate programs on your system may make the...