facebook linkedin twitter

Computerware Blog

Tip of the Week: Building Up Four Business Security Basics

Tip of the Week: Building Up Four Business Security Basics

With all the threats that stand to create problems for your business, it can be surprising to hear that some of your biggest security risks actually derive from your staff, and their exposure to your technology. Less surprising to hear: security issues interfere with the successful operation of your business. Here, we’ve shared a few tips to help your staff better adhere to security practices.

Password Etiquette

Passwords are used everywhere these days, in both personal and professional environments. You should encourage your employees to adopt the following practices and do the same yourself.

  • Differentiate your passwords. Let’s face it - people can be lazy at times, which contributes to the unfortunate habit of using the same username/email and password for every online account. The trouble with this habit is that if one account is compromised, a lot of other accounts could also be… all the person responsible has to do is plug in those credentials on other popular websites or business applications.
  • Keeping it simple is stupid. Another habit that we all tend to gravitate toward is to make a password as memorable as we can… which often means that our passwords usually include something about us that is easy to find out - pet names, birthdays, and other details like that. How often have you seen a movie where the hero hacks into a bad guy’s laptop by looking at a picture that the bad guy has on their desk of their pet, or remembering some other important details? This is so common, there is an entire storytelling trope around this phenomenon. Avoid doing this.
  • Give passphrases a try. Passphrases have grown in popularity recently as an alternative to passwords that are both easier to remember and more secure than the recommendation of assorted alphanumerics. What would you remember more easily: “4n89Gk99q,” or “farmcakemeeting?” 
  • Use a password manager. To be fair, remembering a unique password (or even passphrase) for all of the accounts that the average person has nowadays is a pretty extreme expectation, and contributes to people reusing passwords across accounts for fear of forgetting them. A password manager is a secure program that saves passwords for a user, meaning that the user really only needs to remember the one that opens the manager.

Safe Browsing

A lot of threats out there are designed to fool a user into opening up their network to attack. This can be avoided through the adoption of a few best practices amongst your staff.

  • Look twice at the URL. URLs are shockingly easy to disguise, so a malicious link could very easily appear to be something that you would click with almost no hesitation. Take www.google.com. If you were to click on a link that looked like this, you’d expect to be brought to the Google homepage, right? However, it is only too easy to use these expectations to mislead you and your users, as demonstrated here. One handy trick to use in this situation is to hover your cursor over a link, but not click on it. This will cause the actual destination of the link to appear at the bottom of your browser window.
  • Business computers should never be business-casual. Some threats to your business can hide on websites that will attack when you download materials from them, or even just when you visit them. Therefore, a work device should only be used for work-related tasks, if only to minimize this risk.
  • Leverage access controls and content filters. Of course, you shouldn’t necessarily put all of your faith in the reliability of your staff to make good choices. Even if they are putting forward their best effort to avoid online threats, accidents happen, so you should compound whatever efforts your team is putting forth with additional protections, like firewalls and content filters.
  • Trust the pros. No matter how simple an issue might seem on the surface, it pays to enlist the help of an IT professional for assistance if you have to resolve an issue.

Prevent Phishing

Phishing is a very effective means for cybercriminals to get their way, making it a common precursor to larger threats. Therefore, you and your staff alike need to be able to spot a potential attack:

  • Urgency is a warning sign. Consider emergency signs: are there nondescript recommendations to please proceed thusly in an orderly manner? Of course not--there are bold colors and simple, urgent instructions to get people to act quickly. Phishing messages use a similar tactic to make their targets panic and act impulsively.
  • Details are wrong. While this isn’t always the case, phishing messages can sometimes include misspelled words and odd grammatical choices. Links may not go where they appear to go. Take a few moments and double-check that links are correct by hovering your cursor over them and reviewing the URL that pops up.
  • Check for legitimacy. If you find a message suspicious, and you have the means to double-check it through another means of communication, do so. The inconvenience of a quick call is far less severe than the ramifications of a security breach.
  • Be quick to judge. If you can’t determine if a message is phishy or not, err on the side of caution. Report to IT and inform them of the message, then follow their guidance.

Data Security

Finally, we come to your data. Depending on your particular industry, the data you collect and store could potentially be quite valuable. A cybercriminal could actually make anywhere from $40 to $200 per record by selling sets of a person’s name, address, phone number, and credit history on the Dark Web. Bank details can bring in anywhere from $50 to $200 each. If your business is the source of that information, you could be in serious trouble… and that’s without even considering all of the other consequences. Your data needs to be secured, so a few practices will help you to do so:

  • Restrict data access. You need to maintain some pretty considerable authentication measures so your data is secured both digitally and physically. Access controls and authentication measures should be imposed on both sides of the coin, greatly reducing the risk of a breach or a leak.
  • Update your security. Cybercriminals are always busy trying to devise new methods of undermining your business’ security, and cybersecurity developers are always responding in kind. So, as patches and updates are released for new and developing threats, you need to make sure that you are appropriately putting them in place.
  • Regulatory compliance. Regulations are in place for many industries that are intended to maintain cybersecurity standards, including the Payment Card Industry Data Security Standard (PCI DSS) and the assorted data privacy laws that have recently been adopted. If you aren’t compliant, you need to fix that as soon as possible.
  • Backup your data. Whether it is due to a malicious effort or simple bad luck, data loss is one of the worst things that can happen to a business in terms of its survival. Insulate yourself by maintaining at least a cloud-based backup.

Following these considerations can greatly contribute to the security of your business and its operations, but there is still more that you can (and need to) do. Reach out to Computerware at (703) 821-8200 for help in enacting all of them, and more.

The Value Social Media Has for Your Business Today
What Makes VoIP So Different?


No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Monday, September 28, 2020

Captcha Image

By accepting you will be accessing a service provided by a third-party external to https://www.cwit.com/

Mobile? Grab this Article!

QR-Code dieser Seite

Tag Cloud

Security Tip of the Week Technology Best Practices Business Computing Privacy Internet Software Cloud Data Business Management Hackers Hardware Microsoft Workplace Tips Network Security Productivity Backup Managed Service Provider Hosted Solutions Business Productivity Email Malware IT Services Google Efficiency Saving Money Innovation Small Business Computer User Tips Collaboration Quick Tips Data Backup VoIP IT Support IT Support Network Smartphones Mobile Devices Business Continuity communications Disaster Recovery Gadgets Data Recovery Microsoft Office Android Cybersecurity Social Media Smartphone Upgrade Mobile Office Server Communication Phishing Virtualization Miscellaneous Mobile Device Management Mobile Device Ransomware Vendor Management Holiday Passwords Operating System Users Windows Windows 10 Apps Tech Term BDR Managed IT Services Outsourced IT Remote Monitoring Facebook Unified Threat Management Internet of Things BYOD Automation Managed IT services Analytics Data Management Mobile Computing Remote Computing Apple Windows 10 WiFi Training Artificial Intelligence History Marketing Cloud Computing The Internet of Things Browser Save Money Firewall Business Technology Alert Encryption Help Desk Big data Spam App Health IT Consultant Office Office 365 Budget Managed Service Two-factor Authentication Covid-19 Information Technology Bandwidth VPN Managed IT Bring Your Own Device Antivirus Access Control Maintenance Gmail Printer Windows 7 Hard Drives Blockchain Content Filtering Government Going Green Cybercrime Computers Retail Information Saving Time Cost Management Healthcare Wireless Technology Outlook Windows 8 Search Networking Remote Work Hiring/Firing Virus Tech Support Best Practice Recovery Lithium-ion Battery Wi-Fi Employer-Employee Relationship IBM Phone System Travel Augmented Reality Education Project Management Hacking Update Conferencing Humor Customer Service Data Security Money It Management Document Management iPhone Computing Data Loss Compliance Data Breach Customer Relationship Management Solid State Drive Data storage Value Intranet Password Twitter Current Events PowerPoint Flexibility Hacker Laptop Vendor File Sharing Risk Management Administration Applications Legal Hard Drive Save Time Regulations Mobility Downtime Avoiding Downtime Wireless SaaS Patch Management Storage Website Voice over Internet Protocol Proactive IT Computer Repair Running Cable Law Enforcement Word Management Telephony Machine Learning Telephone Systems Vulnerabilities Cortana Employee/Employer Relationship Digital Black Market Websites Cryptocurrency Cooperation Business Growth Software as a Service Fax Server Net Neutrality User Chrome Google Maps Business Intelligence Virtual Desktop Digital Payment Router Social Engineering Paperless Office Social Sports Disaster DDoS Comparison Tablet Monitoring Company Culture End of Support Meetings Hosted Solution Robot Private Cloud Securty Scam Excel Social Networking Programming Redundancy Multi-factor Authentication Statistics Managed Services Provider Microchip Taxes eWaste Telephone Network Congestion How To Distributed Denial of Service Bluetooth Evernote Virtual Assistant User Error Smart Devices Co-managed IT Gaming Console Managed Services Streaming Media Managed IT Service Public Cloud Licensing Text Messaging Google Docs Start Menu Tech Terms Webcam Memory Processors Video Conferencing Identity Theft USB Mobile Technology Experience Lifestyle Monitors Notifications Presentation Processor Cleaning Office Tips Uninterrupted Power Supply Distribution Virtual Reality Vulnerability Politics Specifications Safety Bitcoin Inbound Marketing Solutions YouTube Emails Automobile Professional Services Chromebook Computer Accessories Data Protection Employees Unified Communications Settings Documents Cost Computing Infrastructure Hack Teamwork Heating/Cooling Entertainment Integration Trending Downloads Pain Points How To Download Mouse IT service Remote Workers Tip of the week Electronic Medical Records Transportation switches Writing Supercomputer Domains IT Google Calendar Organize Upselling Term Music Touchscreen Virtual Private Network News Video Surveillance Recording Optimization Upgrades Public Speaking Migration Connected Devices VoIP Directions Display Worker Wireless Headphones Point of Contact SSID Shortcut Network Management Knowledge FinTech Saving ZTime Dark Web Free Resource LiFi Reading Samsung Equifax Fleet Tracking Consultation Development G Suite Entrepreneur Data Storage Health IT Employer Employee Relationship Troubleshooting Device security MSP Technology Tips Processing Social Network Analytic Procurement Fake News Debate Logistics Virtual Machines Deep Learning Hacks Physical Security HIPAA Desktop Recycling Finance Audit Webinar Harddrive Wasting Time Work/Life Balance Environment Nanotechnology Cyber security Banking Botnet Competition Business Cards Service Level Agreement Organization Bookmark Visible Light Communication Relocation Tablets Electronic Payment Startup Asset Tracking Product Reviews Data Warehousing GPS Sync Unified Threat Management Backup and Disaster Recovery Read Emergency PCI DSS Hard Drive Disposal External Harddrive Employer/Employee Relationships IT consulting Business Owner Username Access Communitications Google Play Telephone Service Screen Reader Customer Resource management Supply Chain Management Microsoft Excel Microsoft 365 CCTV IP Address Gamification Computer Care Managing Costs 3D Ebay Medical IT CIO Trend Micro Business Metrics Computer Malfunction Application Piracy Device Management Upload AI Thin CLient Browsers Advertising Flash Reliable Computing Human Resources Smart Tech Google Drive Internet Service Provider Windows Server 2008 Staffing Threats Google Wallet In Internet of Things Fiber-Optic Database Content Management Regulations Compliance Best Practives Smart Phones User Tip Proactive Maintenance Windows XP HTML Business Managemenet Spyware IT Assessment Mobile Payment Security Cameras Telephone System Remote Working Displays Mobile Security Electricity Printing Navigation Virtual Machine Society Microserver Adminstration Pirating Information eCommerce Micrsooft Motion Sickness Digital Signature Software License Trends online Currency Supply Chains Leadership Data Analysis Scalability Multi-Factor Security GDPR Managing Risk Drones Fraud Tactics Financial Data Printers SQL Server Messenger Tracking Devices cache Electronic Health Records Television Get More Done Rental Service UTM Content LinkedIn WannaCry Memes Tech Hypervisor Managing IT Services Freedom of Information Turn Key Holidays Web Server IT Plan Enterprise Resource Planning Corporate Profile Printer Server Fileless Malware Hybrid Cloud Permissions Language Cabling PDF Legislation Error Time Management Modem Strategy Administrator Best Available Keyboard email scam Addiction Archive Telework Trojan Proxy Server Azure Books Workers Accountants A.I. Skype Assessment Surveillance SharePoint CrashOverride Capital Personal Information 3D Printing Productuvuty Financial Managing Stress Regulation