Tip of the Week: 11 Security Best Practices Every User Should Know

You might spend a significant amount of time thinking about your business’s security practices, but the same can’t be said for your organization’s employees. Unless you give them a reason to care about security, they likely won’t. The resulting apathy could eventually become serious problems that could hinder operations in the long run, or worse, expose your business to threats that could put your employees and your clients in danger.

In order to keep these instances to a minimum, consult the following cheat sheet. This will give your employees a great way to follow critical best practices.

Essential Cybersecurity Considerations

• Use the company’s network to store files: Always store your organization’s data on an in-house network. This is because any files stored locally on your desktop might not get backed up. Do not use personal cloud accounts, like Google Drive or Dropbox, to save or share company-owned documents.
• Never leave your workstation unlocked and unattended: Always lock your computer using the Windows Key + L shortcut before stepping away from it, even if only for a moment.
• Don’t connect unknown devices to your work PC: This is especially important for small devices like USB drives. You never know what could be on them.
• Don’t download or install applications without approval: If you download an app without permission from IT or a network administrator, you could cause problems for other employees. Always ask for permission before downloading or installing software.
• Don’t respond to unsolicited or suspicious emails: If you receive a message that has an unknown or unfamiliar sender, it could contain malicious ransomware or other nasty threats. Be sure to notify IT immediately so that they can investigate the issue. Be especially cautious around unsolicited proposals or resumes.
• Don’t accept support from unexpected callers: If you receive a phone call from someone claiming to be from Microsoft support (or other well-known companies), just hang up. These callers are often fraudsters hoping to remote into your PC and access company information.
• Adhere to password best practices: Keep your passwords strong and complex at all times, and never use the same password more than once.
• Get approval for mobile devices from your manager: Don’t use your smartphone, tablet, or laptop for work purposes until you’ve been granted approval. This is to keep company data as secure as possible.
• If you see someone, tell someone: If you think that something is out of the ordinary, like an intruder in the workplace, be sure to alert management. Visitors should not be allowed to roam around the office unattended.
• Think twice before clicking: If you’ve received a link in any correspondence, you should avoid clicking on it until you’re sure it’s from a trusted source. Links can often be considered cyber threats, especially those that are in spam messages.
• Report issues as soon as they appear: If you experience something that seems troublesome, report the issue to management immediately. Proactive vigilance is the best way to prevent downtime, and it only serves to make your job easier.

Print this list out and hand it off to any employees who could use training on security best practices.

Keeping the business secure isn’t just your responsibility--everyone should be involved in the process. By following this list of best practices, you stand to protect your business against threats that could harm operations. To learn more about how to secure your business, including external technology solutions that prevent issues from transforming into major problems, reach out to us at (703) 821-8200.