Maintaining security in an office environment is a group effort. While systems and procedures may be put in to place to manage security, a single user has the ability to open an entire company to risk with a single click. Each user also has the opportunity to help maintain proper security by following these 10 tips.
Everyone is a target
Hackers look for ways to access information for various reasons; some may be looking for financial or proprietary data, while others may be trying to gain access to your network in order to set up basecamp for a separate planned attack. The thought, “it won’t happen to me because I’m a small business” is dangerous, and one that malicious individuals often rely on.
Password strength matters
Practicing good password management is a key factor when keeping your data secure. Eight-character passwords simply aren’t enough. Use a mixture of upper and lowercase characters, numbers, and special characters for strong passwords.
Do not write passwords down or use the same password for multiple sites. The average person has 19 passwords for online services and keeping track of them all can be tough. Password managers will securely store your passwords so you don’t need sticky notes.
Strong passwords are good; adding an additional layer of security with 2-factor authentication is even better. Including 2FA, wherever possible, provides additional protection from unauthorized access to your online accounts by requiring a “token” at login – which is often generated by a piece of software on your phone or computer, or sent to you as a text message.
This drastically increases security as an attacker would have to have your password and access to your device containing the 2FA information to log in to your accounts.
Don’t leave devices in the open
Never leave your computer or other electronic devices unattended.
Aside from theft, threats such as malware can easily be spread via infected by external drives, flash drives, and even smartphones. Lock your computer when you are away from your desk to prevent others from accessing it without your knowledge.
Think before you click
Did you know that the average office worker clicks their mouse an average of 5,000 times a day?
Always practice caution when clicking on attachments or links in emails. If you receive an unexpected or suspicious email, don’t click on it. If you do, be sure that the website you are taken to is genuine and not a phishing attempt to gain your account credentials or other information.
Beware of where you browse
Sensitive browsing like banking or online shopping should only take place on a device that belongs to you and is on a network that you trust. Avoid public Wi-Fi as you have no way to guarantee that your data is safe from attackers who may be analyzing traffic to gain access to your information.
Keep your devices up to date
Make sure that your computer and other electronics are always up to date. Software updates don’t just provide additional features, they include security fixes and other improvements designed to keep our information safe.
Don’t share sensitive information
It’s important to be aware of the information you share online. Social media is often used to gain information about individuals for use in phishing attacks that include personal information to provide a false sense of security.
Only share information when you are confident that the person on the other end of the line is genuine. If you receive a phone call requesting information, such as banking details or other items that you are uncomfortable sharing, hang up. You can always call a number you trust and resume the conversation.
Observe physical security
Technology has the tendency to decrease in size over time. I remember being excited to have a laptop that weighed under 8 pounds 15 years ago, and now I walk around with a MacBook Air and admit to not realizing it’s even in my bag when traveling at times.
Smaller, lighter devices are convenient, but they’re also much easier for someone to walk away with. If you need to step away from your computer or other piece of technology – including portable drives and mobile phones, lock it up before you go.
Monitor your account activity
Be sure to monitor your online accounts for suspicious activity.
If you receive a notification of suspicious activity from an online service you use, review the contents to confirm that the activity related to your own actions. If it isn’t, follow the instructions in the email to make any appropriate account changes to protect your information.
Following these tips and putting them in to regular practice will help reduce security risk in the workplace and help keep your personal information secure as well. Do you have a security tip you’d like to share? Please leave a comment and we’ll add it to our list!