The Ultimate List of Best Practices for Computer Security & Computer Care
Maintaining the security of your business can be an overwhelming undertaking. There’s the hardware, software, access controls, passwords, physical security, and administrative safeguards that need to be constantly monitored. And that doesn’t even make a dent in the computer security and care responsibilities that businesses need to worry about. In response to the staggering number of details that need to be dealt with regarding security and computer care, we have created our list of best practices and suggestions to help you determine where your organization stands in terms of following security protocols and maintaining your systems properly.
Embrace Education and Training for Employees and Managers
From the top to the bottom of your organization, everyone needs to be trained to some extent regarding internal and external threats to your business. Whether you realize it or not, your team members are an important part of your organization’s defense when it comes to identifying potential problems with your security. Training should take into consideration job functions and should be done at regular intervals, not just when onboarding a new team member. Finding time to train can be difficult, but it’s a process you won’t regret maintaining. As you train your employees, here are just a few of the ways they can become your best line of defense against cyber threats and other computer security issues.
Spotting suspicious emails and phishing scams.
Selecting strong passwords and using multi-factor authentication.
Maintaining physical security while in the office and at home.
Understanding what sensitive business information really is.
Comprehending the tech they are using, and its terminology, to make it easier to report a problem.
Having the ability to access business data safely from a remote location.
Gaining understanding about the latest threats and how to avoid them.
Knowing how to report a problem and where to report it.
Gaining a better understanding of device management and BYOD policies.
Outsourcing for Expert IT Practices
Not every small or medium-sized business can afford to hire an IT department with the breadth and depth of understanding of all the cyber threats and computer security protocols necessary to keep a business safe. That’s where outsourcing can become a perfect solution to keeping your organization safe from threats around the clock. By outsourcing some or all of your IT needs, your organization can rest assured that you are protected against the latest and emerging security threats. Outsourcing also provides 24/7 coverage that’s not readily available for small companies with only one (or a few) dedicated IT members. Additionally, outsourcing for IT support and security means a deeper understanding of compliance and regulatory requirements for your specific industry. For instance, the healthcare industry is held to a very high standard of compliance in terms of sensitive client data, how to transmit that data, and policies regarding storage of that data. Overall, outsourcing allows even small companies to have access to the talent that more mature and larger companies already have.
Maintain Physical Security of Your Devices
This category may fall more into the computer care area, but it goes without saying that laptops, tablets, and other mobile devices that have your organization’s data on them should be secured at all times. Physical security is not something that should only be considered when visiting clients and doing remote work, but also while in the office. We suggest developing a policy of locking all devices each night and keeping only the data that is needed on devices that could easily walk away. Keep in mind that screens with sensitive information should also be kept out of sight of clients and office visitors. A simple privacy screen for your monitor can help with this issue. Logging off or closing tabs when leaving a device unattended is also a smart idea for many industries with privacy requirements such as the HIPAA regulations. You may also want to develop a policy regarding using company devices while in unsecured locations such as a hotel, airport, or coffee shop.
Make Backups a Priority
Maintaining backups of your data is a pain. We get it. That’s why we follow a simple backup rule that can help get your business up and running again should an outage or other system failure occur. The 3-1-2 Backup Rule follows the concept that there should be at least three copies of your data. The data should be stored on two different types of media. One copy should be kept at an offsite location. 3 copies, 2 types of media, and 1 offsite location keeps it simple and easy for even the busiest operations to handle. Without proper backups, how long would your business suffer from downtime should an incident occur?
Secure Your Wi-Fi
We’ve all learned over the last few years that public Wi-Fi can be risky. Through man-in-the-middle attacks, hackers can access your data fairly easily while you are logged into public Wi-Fi. Most of us understand, after this year of working remotely, that Wi-Fi needs to be trusted before you start transmitting sensitive business data. When out and about, using a virtual private network (VPN) is the best solution if your company has one. While in the office, your Wi-Fi should be secure, encrypted, and hidden.
Invest in High Quality Security Systems
While smaller businesses may weigh the necessity of all the bells and whistles when it comes to security, realize that small businesses are attractive targets, according to the Small Business Administration (SBA). According to the SBA, “88% of small business owners felt their business was vulnerable to a cyber attack. Yet many companies can’t afford professional IT solutions, they have limited time to devote to cybersecurity, or they don’t know where to begin.” Talk to our team about necessary protections such as strong antivirus software and malware detection programs, external hard drives that back up data, and running regular system checks. Don’t forget about firewalls, which are the first line of defense against cyberattacks on data. For remote workers, discuss firewall software that can be installed to protect data that lives outside of your office.
A Word on Password Protection and Authentication
Yes, passwords again! We know we often talk about discussing with your team members the importance of using strong passwords and even investing in a password manager to keep the multitude of passwords most companies use daily safe and organized. We think it is worth repeating that passwords can easily be hacked, especially if the password is the same across all of your accounts or uses a word that has personal significance to the user. In addition to choosing a password that is hard to guess and uses a mixture of upper and lower case letters, numbers, and symbols, it is important to note that there are other methods to safeguard access to your data: two-factor authentication or multi-factor authentication. The extra set of credentials needed to access data with these two authentication methods may be just enough to deter a cyber criminal.
A Final Note
Staying on top of the best practices regarding computer security for your organization can be a crushing amount of work, especially if it is not a skill that is within your wheelhouse. Spectra Networks has been helping companies in many different sectors including law, healthcare, and nonprofits stay up-to-date on current and emerging threats. Talk to our team today if you need help getting started or maintaining security best practices for your organization.