Thanks for following our #SecureChristmas series of blog posts. Today we round things off with top tips for enhancing security in your workplace.

 

  • Know your people and what they do; using a centralised directory or HR management system helps with user administration by allowing you to create security templates and manage permissions in 1 place, when staff leave ensure their accounts are disabled promptly!
  • Know your data; whats important to your business and what details do you hold about your clients – this is the best place to start when considering security and working practises, to defend you must first understand – specifically consider any financial records or details you hold on clients and who has access to those details.
  • Ensure your computers are protected with an endpoint security product – F–Secure or SymantecHosted Endpoint Protection don’t just scan files they monitor your software firewall and browser activity and employ the latest knowledge from all over the world to protect your computers and people, F-Secure can also help manage windows and other important application security updates.
  • If you and your team work online, purchase through websites and use online services for your business systems consider securing and controlling access to your identity with Single Sign on Technology that removes the human need for weak duplicate passwords and gives centralised control and management.
  • Update your acceptable use policy – when members of staff join your organisation it should be clearly highlighted to them in a legal document what is appropriate use of your business systems with specific attention to what aspects of their personal life you allow them to interact with whilst at work – personal email systems are 1 thing but consumer file storage platforms like dropbox or google drive do make it very easy for any of your data to be shared externally. Letting your staff use Facebook or youtube might affect productivity – if you are concerned about employee productivity talk to us about activtrak
  • Report suspicious activity to an IT professional or the UK polices Action Fraud team as mentioned in #SecureChristmas post 1; Morbid Monday. Trust your gut if you think something is dodgy treat it as such until you have confirmation.
  • For Storage devices including portable computers encrypt data and always backup the recovery key or disc elsewhere.
  • Ensure your business email system has up to date spam filtering to improve productivity and reduce the likelihood of one of you team being duped into downloading a virus with a phishing email as talked about in #SecureChristmas post 2; Tip for Tuesday – share this with colleagues and don’t action spam email messages, get a 2nd opinion 1st
  • Backup all important data and systems off-site daily and consider the implications of losing 1, 2 or 3 days work when deciding budgets for a backup service. Consider how far back you might ever need to go and invest accordingly.
  • Secure your wireless networks, upgrade firmware and change access passwords regularly especially when members of staff leave. Better still implement directory controlled wireless access so when a member of staff’s account is disabled so is their network access. Do not give visitors your internal wireless network password always only share a segmented guest network.
  • Don’t use weak duplicated passwords – instead at work employ technology to help in the form of Single Sign on or at home use something local like KeePass.

 

So that’s that, this is the conclusion of our week long #SecureChristmas series of blog posts which aims togive you the facts enabling you to make the right decisions regarding your organisations security. If you would like a free site survey or to understand how even our SafetyNet package for £150 per month can improve your organisations security then drop me an email or give us a call.

 

Thanks for reading,

Julian Fox