Keeping your computer secure is extremely important. You probably know the frustration of not being able to use your PC if it gets infected with a virus, but it’s easy to forget about risks like data theft. Your data is your business. Your personal information isn’t the only thing at stake; you also owe it to your employees and clients to protect the data you have on them.
November 30th is Computer Security Day. While it’s always important to prioritize security when it comes to your IT, today is a great day to evaluate your current practices and make sure you are doing what needs to be done to protect your computers, network, and company data.
Remember, a chain is only as strong as its weakest link, and your IT is the same. If you have one particular user on your network or one PC that doesn’t get maintained, it puts the entire network at risk. This is why it is important to ensure that your entire organization is made aware of how they too need to consider themselves responsible for the business’ security.
Below, you will find a checklist to help you determine if your business has security-centric habits. Sharing this with your staff and establishing company-wide policies is a step in the right direction towards making your business more security-minded.
- Use strong passwords that that use a combination of capital and lowercase letters, numbers, and symbols. Or use a passphrase instead with something like; My son drives a 2014 pickup!
- Passwords are not to be shared. Sharing passwords invalidates their security benefits.
- Don’t use the same password across multiple accounts. For example, if your Yahoo Mail password is the same as your Paypal password, if hackers get a hold of your Yahoo password, they now have access to your Paypal as well. This happens whenever there is a major breach.
*Your business can set up password policies for certain logins, but it is up to the employee to make sure all of their online accounts are secure.
- Make use of 2-factor authentication whenever possible. 2FA requires a second credential to be input after the initial password, doubling the relative security of the account in question. This second credential can be a random code delivered via text message or through an app on your phone.
- Ensure that all mobile devices and workstations are secured by Personal Identification Number or password.
*Your business can set up mobile device policies that require employee devices to have passwords and other security features enabled.
- Keep any and all data in the proper network locations, and not on an individual workstation. This is one of the most common mistakes that leads to data loss.
- Ensure your backups are effective by performing regular tests.
- Avoid storing company data on portable media like USB drives that could get lost or stolen.
- Don’t store sensitive company information on personal cloud services like Dropbox or OneDrive unless it is through a centrally managed account. Employees should never use their personal accounts to store company data.
*If your business needs the ability to share and collaborate with files, KT Connections can help you choose and deploy a file management or cloud solution that is centrally managed and secure.
Don’t Invite Hackers In:
- Don’t open unsolicited attachments in your email, as this is a favorite delivery method for many types of malware, ransomware, and viruses.
- Avoid using USB thumb or zip drives that were found, as they could carry malware or spyware.
- Keep your Windows operating system updated. You should lean on IT to ensure that these updates don’t inadvertently cause problems by testing them first.
- While online, check all URLs for the presence of “https” at the beginning, especially when shopping online.
- Avoid connecting to unsecure Wi-Fi networks while out of the office. This can open your data up to eavesdroppers and introduce more threats to your network.
Feel free to copy this checklist and distribute it amongst your users. Looking to evaluate your company’s IT security? Call us at 605-341-3873 to schedule a security audit of your entire network and to help you establish the best practices and policies to protect your data and avoid costly issues.