Ensuring data security and intellectual property protection is one of the biggest hurdles that businesses face today. Every day a new headline alerts us of these increasing threats to your bottom line. Recent studies have suggested that at least 50-60% of businesses do very little to nothing to protect themselves from security breaches. The truth is, most companies are shockingly left…WIDE OPEN.
Here are some things you can do to protect your systems and your business before it’s too late:
Protect local devices:
- Adopt security policies and procedure guidelines outlining how you want your employees to securely share and transfer information. Include sections on audit and access controls. (We can help you draft these policies AND train your employees on how to keep data secure.)
- Backup all your crucial data to a physically and digitally secure location, DAILY. (This is one that’s very simple to implement but could literally save your company from data loss as well as from “ransom ware.”) GSuite from Google offers secure data storage and more for as low as $5 per month.
- Be sure all your company software is updated to the latest versions. Old software/hardware is a hackers’ dream.
- Always remove any software that should not be installed in the first place. Instant messengers, unsecured email, Social media apps, are some examples of easily breached software. Have a specified company policy on new software installations.
- Keep all wireless routers/servers/devices updated, patched, and configured for optimal security. Be sure to talk to your network/computer techs about what they can do to secure your business.
- Adopt Business Associate Contracts with companies and partners as needed to make sure they understand how to keep your data secure after it leaves your office.
- Be sure to properly destroy old computer hard drives. Don’t just throw them away or trade them in. This should include old smart phones, laptops, tablets & office copiers, (Yes, many copiers have internal hard drives that have digitally stored copies on them.)
- Keep your passwords offline and/or in a secure location and remember to change them often. Use longer nonsensical password phrases. Never use actual birth dates, or other personal info within a password.
- Pay attention to ANY data that you’re CURRENTLY STORING (old and new) on local drives, network and flash drives. This is an aspect that is often missed by many businesses. Know what, when and where that info is being shared and whom has access to it. Keep backups/access and all information on a need to know basis.
- If you use a POS (point of sale) system, be sure that it has been setup to be protected from both physical-locational hacks as well as access controls when installed on your local network.
- Verify all emails before opening them. Watch out for Phishing (fake emails with malware or viruses/worms attached that are sent to you randomly just like spam) and Spear Phishing (email addressed to you or your company, specifically.) There are many programs available to help you screen emails. We can help you find a solution that’s right for your particular business. It’s also a good idea to use an encryption program whenever feasible.
- NEVER email important documents (PDFs, Word, etc.) to anyone that isn’t encrypted and/or password protected.
- Gmail for Business is a good service for business email. Identillect is a great email encryption tool.
- Adopt a company-wide social media policy that clearly explains what can be shared publicly and what can NOT. Educate your employees about hacking and how it can endanger security and affect jobs.
This is a very brief sampling of some security aspects for you to consider and implement. We can help you determine what your particular business needs to stay secure and viable.
Call or contact us anytime..
Wendell Edwards – C.E.H /Hippa Certified