At a customer level, we have seen several attempts to defraud companies through email impersonation and a depressing number of encryption attacks via spam emails.
So.. Top Ten Tips. Follow these and you’ll be more secure – make sure everyone in the company know what the rules for using your IT are, and why those rules are in place.
1 – Define IT security policies
Companies of all sizes should have a security policy that sets ground rules and drives processes. This will help explain risks to all users and the reasons for vigilance at all times.
2 – Enforce security processes
It is important to define how the policy will be enforced, listing each process and describing the procedure – things like internet access, secure disposal of equipment, revoking access for ex-employees and reporting lost or stolen IT equipment.
3 – Backup your data
Hardware can fail at any time, malware can encrypt gigabytes of data in an instant and vital files can be deleted maliciously.
4 – Secure your network
Firewalls will keep intruders out. Anti-malware software should be properly installed and kept up to date. System updates should be managed centrally rather than relying on individual users to download and install updates.
5 – Passwords are SECRET
Use a strong password. Never share passwords, change them regularly and never re-use a password.
6 – Manage user privileges
Minimise access to sensitive data and do not allow visitors on to your office wi-fi.
7 – Be aware of the risks
Be alert for potential scams. Set social media privacy appropriately and remember that good old human error is responsible for a great many ‘leaks’. Mitigate the risk by having robust processes in place.
8 – Secure your email
Set up spam filtering. Have a policy regarding opening email messages from unknown sources, use up-to-date email clients, and lock your ‘phone and other mobile devices.
9 – Stay Informed
Keep up to date on risks and security alerts, subscribe to IT newsletters and follow nTrust on Twitter (@nTrust_systems)
10 – Ask an expert
Not all IT support is the same, so ensure that you have a package or system that is appropriate to your needs.
