1. Implement Strong Password Protection
Even the best security systems in the industry are vulnerable to attacks, viruses and malware. To increase the security of your business IT infrastructure you might want to consider changing all of your personal passwords at regular intervals, and by using complex passwords.
Another way to keep your computer network safe is to use a two-factor authentication system. This security measure uses two ways to verify a user's identity as an extra layer of security. The first is by logging into your account using a username and password and the second is by sending a PIN or message to a personal device or email inbox. Only after confirming your identity using these two methods can you access your account.
Ask QUBYTE IT Support about Two-Step Authentication, and if it is available for your environment.
2. Restrict Access to Coworkers
Although you may know all of your coworkers by a first-name basis, the risk of worker-related data breaches is still high. Allowing coworkers to access your dedicated Windows Domain Account login, online website portal or any other password protected software will increase the risk of network and data breaches.
3. Bring Your Own Devices
BYOD is becoming more and more popular among many businesses, from small business offices to large enterprise establishments. Even with anti-virus/anti-malware software installed on your computer, anyone bringing any device from home will run the risk of network and virus intrusion. It is highly recommended to keep your home devices (such as USB flash drives, External Drives, Micro SD cards, etc.) away from business computers. Only use USB flash drives and external drives provided by your organization if possible. If there is sensitive data bring written or stored onto these devices, it is highly recommended that it stays within the company’s facility or as per company policy.
Bring Your Own Cell Phone is also getting popular with businesses. Unfortunately, the security risks go up with these as well. Because Smart Phones are basically handheld computers, many of these phones can potentially carry malware or even viruses which can be transferred onto your company’s network and IT infrastructure. Be mindful of the software being used or saved on your Smart Phones.
Mobile threats and other cyber-related risks could be addressed through a comprehensive IT security budget, however not every business will have such a budget available.
Please note: Anti-viruses and Anti-Malware applications use libraries which are constantly updated to keep ahead of the threats, viruses and malware being produced around the globe. Unfortunately, these applications are not full-proof because new viruses and malware are created faster than the library virus definitions can be updated. This means that some of the newest viruses (not found in the library definitions) will slip through.
There is a high risk that workers will compromise a company's systems because of an infected email or link. Try to avoid phishing attacks by ensuring that the email you have received is in fact recognizable to you. Pay attention to the sender’s name, and the recipients it has been sent to. This should give you a good initial indication of whether or not the email you have received is a scam. At times, a fake name is provided as the Sender’s name, but if you look at the actual email address, it may be misspelled on purpose, or it uses an entirely different name. For example, you could receive an email from “MicroSoft Management”, but for example the email address would display as “email@example.com”. Anything being sent from Microsoft would have *****@microsoft.com as the domain name, so you should consider the email suspicious and contact our IT support team.
Avoid the use of suspicious websites, even if it appears as a legitimate business-focused website, it may contain malware or phishing components which can compromise your computer and its data. One common indicator with malicious websites is the abundance of popup advertisements within a web page.
If you feel that you have received a suspicious email, please do not hesitate to email or call our IT Support team at firstname.lastname@example.org or 1-800-928-5180.
5. Plan for Disaster Recovery
Many companies are not prepared for data breaches, especially when it comes to recovering stolen or lost data. According to a 2015 Ponemon Institute study, a plan in preparation for security incidents could significantly reduce the cost of a data breach. Only 71 percent of companies in North America had a data breach response plan in 2015. While this is an improvement from the previous year, many firms still lack the proper measures to recover from a data breach disaster. There are a lot of options out there that could prevent your company from becoming another data breach statistic. Ask QUBYTE about Business Continuity Planning and Disaster Recovery Planning, the safety measures taken now could prevent headaches and loss of business later.