Image Credit: Pixabay
- Protect with passwords
Most cyber-attacks are possible because the passwords used by organisations and individuals aren’t as strong as they need to be. Every single piece of electronic equipment should be kept safe behind completely unique codes, and every password used to access them should be unique to each individual who has access.
When teaching employees abut passwords, impress upon them the necessity for using passwords which contain a mix of numbers and letters, and remember to ensure that they know not to use birthdays, commonly thought of words, or something else which can easily be associated with them specifically.
- Design safe systems
Designing safe systems is a way of creating a system which has very few weak points which can be exploited by a hacker. For more information on how to specifically protect data, go here, but for the systems, read on.
Make sure your system has fewer points of access – only have ones which are entirely necessary. It may also be useful to restrict the overall access to the system, leaving access purely for business purposes (this approach is useful if you have people who work away from a central office, for example). When there has to be an access point, make sure that the information used for access is as unique as possible – check Prosyn.co.uk for extra help.
- Conduct screening and background checks
We are all familiar with the sinister rogue hacker figure, working to undermine security from outside a legitimate business, but in fact most of the unauthorised entry to secure systems occurs from within the firewall. When hiring employees (no matter where they are going to work) be sure to vet them thoroughly before allowing them access to the systems.
- Provide basic training in security
More security breaches than can be counted are a result of human error, rather than any malicious or directed attack. Make sure that all employees are trained in the basics of IT security – proper password procedure, proper use of networks and hardware, etc. You should be at the point of having all employees follow procedure without thinking about it
- Avoid unknown email attachments
This should go without saying, but the quickest way to get a virus in your system is for someone to open an unknown attachment. Most attachments are fine, but if you do not know the source of the email, err on the side of caution and do not open it. Delete it.
- Hang up and call back
One popular con method is to phone a company pretending to be someone who needs important or sensitive information. By this means, they can receive information about banking or passwords to infiltrate the organisation.
Train your employees to always hang up when this happens, then immediately phone the organisation which that person was professing to be from, in order to verify what is happening. If they are legitimate, they will understand why your employee acted in the way they did.
- Think before clicking
Similarly to the above, phishing scams work by sending out emails which look innocent, but are in fact ploys to gain access to sensitive information. Train your staff to look out for these emails, and delete them without reading!
- Use a virus scanner, and keep all software up-to-date
Use anti-virus software, and make sure it is up to date. This will keep the majority of hacking attempts as just that – attempts, and keep your data and systems safe.
- Keep sensitive data out of the cloud
The cloud is useful for storage, but there are disadvantages to it. Data being housed on remote servers with security which is not always kept up to date heightens the hacking risk. Keep particularly sensitive data on your own system.