Security in IT should be a top priority when reviewing your overall IT Strategy. Data leaks and hardware failures due to malware and attacks are massively disruptive to your business. Here are 4 very simple things your office should be doing at the bare minimum to help security. Please note that these are just basics there are a myriad of services that help further secure your office, if you need help deciding which business security features would fit your business best contact us.
1. Use a good browser and keep it up to date
Using an older version of a browser like Internet Explorer opens up a myriad of holes and exploits that potential hackers can get through. This is really simple, download Firefox or Chrome, whenever the browser requires an update, update it! According to Kaspersky: In 2012 34.7% of Kaspersky Lab’s users were targeted by a web-based attack at least once while browsing the internet.
2. Enforce a good password policy
According to this blog post on a research: 80% of security incidents were due to the use of weak administrative passwords. Most people have dozens of sites that require passwords and only use 5 different passwords across all of them. If any of these sites are compromised and the password leaks out accounts on other sites are compromised. Here are some tips to avoid your administrative passwords from getting brute forced and compromised.
- Use a completely unique password for your office password, do not use passwords that you would use on the internet.
- Make sure your passwords include unique characters (!@#$%) and numbers (1234).
- The longer the password the better
- Use a separate password for everything, people use 5 passwords overall for dozens of applications and websites, one leak anywhere leads to losing accounts elsewhere.
3. Update Update Update
Outdated software leaves massive holes for exploits in your day-to-day environment, this is why we’re urging you to leave Windows XP. Java, Adobe Reader and Windows Updates are essential to keeping a secure environment. Luckily there are usually settings to automate the updates. If there are manual updates please be sure to read over what they do and then update, it may be tempting to hold off on the restart and update later but a couple days of exploit window can cause havoc to your environment.
4. Train your users for safe behaviour
According to this post, 1 in 16 user downloads and 89% of all e-mail contain malware. Even with perfect security management the user is still the last gatekeeper for viruses. Your users must be trained to browse the web, read e-mail and download software with a suspicious eye. Only go to sites that are known and trusted, if an e-mail is unexpected or fishy looking do not follow the link and login using your credentials.
Implementing these 4 steps will ensure that the most common easily stoppable malware will not come close to affecting your day-to-day business.