We’ve heard from many reports that most of the data breaches that compromise important information are caused by human error. In the “connected world,” it is easy for your staff to become comfortable trusting technology without really considering the risks that are lurking all the time.
Many of our clients are interested in steps to help secure their network and protect customer information. This can easily be done by building a culture of security and helping your staff become aware of the threats and the most common things that cause problems. We have helped several companies with simple “done for you” solutions that have kept them ransomware free.
For example, have the following in your policies and procedures:
- Help your staff by creating a password policy with complex rules, and enable two-factor authentication where available. Part of your policy should be to make sure staff do not keep post-it notes with written passwords where anyone can get to them.
- Make sure your staff lock the computer screen when they step away from their computer for more than 15 seconds. It doesn’t take long for someone to compromise a system that is not locked. We have seen banking pages and QuickBooks pages left open for a while as a staff member goes to the bathroom or a meeting.
- Lock down the company computers to prevent staff from installing junkware and games. A lot of vulnerabilities are introduced into companies by innocent-looking games and apps. Have a clear policy that protects your company from this threat, and limit who can install software on the network.
- Your data has to be segmented by who needs access to it and what they can do with it. Your CEO needs access to data that the warehouse team does not. Your CFO needs access to data that the teller does not need. Review permissions at least once a year and change the folder permissions as needed. Make sure you know WHO has access to your data.
- Certain industries handle company information through mobile devices. You can protect this information by using mobile device management tools with selective delete capabilities. These tools allow you to secure company information that is accessed from staff members’ personal mobile devices.
- Create a training plan and stick to it. Your staff will help protect your data as much as you invest in their training. Make it fun and engaging! There are a number of tools for Security Awareness training available to you.
These simple steps can save you from ransomware, a hacker or other threats.
If you are interested in learning how we can help you secure the basic needs of your organization for about ONE DOLLAR A DAY, call us at 512-336-2970 x102 for more information. It may be worth a 5-minute conversation to help you gain your sanity and peace of mind.
Luis Delgado is a father, husband, community resource, speaker, and entrepreneur who founded The Critical Update, inc (TCUINC) in 2003. TCUINC is a business and technology consulting firm that has evolved from basic computer support to affordable technology consulting, network management, outsourced IT and cybersecurity. Our clients are from every industry in Central Texas - for profit and not for profit.
Luis is focused on helping business owners create more jobs for Texas families by addressing compliance and productivity needs.