As remote operations continue for many, while many are working to return to the official workplace, security and business continuity are more important to your business than ever. Let’s go over a few things you need to address to successfully reopen without exposing your business to undue risks.
Protecting Your Business by Defending Your Team
Whether your staff is operating in-house or remotely, they need to have the proper protections in place to preserve your data security. Reminding your team of the following best practices is a great way to start, as many attacks now rely on the end user making a mistake.
- Maintain password hygiene: Passwords (and passphrases even more so) remain the peak way that a user can keep their accounts and data safe. However, this requires the user to follow best practices when it comes to their passwords themselves, such as:
- Not reusing your passwords
- Updating your passwords frequently
- Not sharing your passwords
- Using a password manager
- Only use secure and trusted connections: A hugely important facet to your security, whether in or out of the office, is how your team is accessing the Internet. The network they use needs to be a secured one, and they should be using a VPN (Virtual Private Network) for extra protection against snooping.
- Push software updates: Whether you are literally instructing your employees to install updates as they become available or you are actively implementing them yourself, the software (including the firmware on certain hardware solutions) should be updated at every opportunity.
- Use MFA: MFA, short for multi-factor authentication, is a security strategy that goes an additional step (or “factor”) past the username-password combination we are all so accustomed to. When your solutions are protected with MFA, your users will need to confirm that they are who they say they are with an additional bit of evidence, such as a code generated by a smartphone app or even a physical token. In requiring this, you make it far less likely that someone without authorization will be able to log in as one of your verified users.
Protecting Your Business by Securing Its Location
Of course, not all cybercrime has to happen digitally. There are many ways that a cybercriminal can get their paws on your data that you will need to contend with—especially if your office is or will be vacant for some time yet. While many may overlook the physical aspect of cybersecurity, you shouldn’t.
- Require authentication for access: Consider what could happen if someone came into your business when nobody else was there, and saw all the expensive technology just sitting there, unprotected. Whether they were interested in your data or the hardware itself, you can’t just leave it vulnerable. The same goes for different departments and ranks inside your business (just to be safe). Make sure that your resources are protected so that only the people who need them can access them.
- Keep an eye on your business: Access logs, digital video recordings, and other surveillance tools can help you keep watch over your business, allowing you to focus your thoughts elsewhere. Not only can these help provide evidence of whatever issue happens on your business’ property, they can also work as a pretty effective deterrent against attacks in the first place.
Protecting Your Business by Insulating Its Data
Finally, one of the biggest risks to your business continuity is the fact that your data is inherently fragile. Not only can it be deleted, the media upon which it is stored can be damaged or destroyed. The result is the same: you’re out an indeterminate amount of data. Therefore, you need to take steps to avoid that outcome.
- Keep track of your data: If you plan on keeping your data safe, you need to know exactly what data you have. Take inventory of the data that you need to keep and establish what will be required to protect it from threats and infiltration. This is especially important when sensitive information (like financial details or personally identifiable information) is involved.
- Restrict access to those who need it: The fewer people who have access to data, the inherently more secure that data will be. Therefore, make sure that your staff is only able to access data that they will implicitly require for their responsibilities. This will help protect you from a variety of risks.
- Maintain a data backup: Finally, you need to be sure that—should some disaster befall your business—your data won’t be irrevocably lost to you. A data backup that meets accepted best practices is an effective way to ensure this. We always recommend that you subscribe to the three-two-one rule (at least three copies of your data, in at least two places, at least one of which being offsite). The cloud is often a good fit for these needs.
This can be a lot to process, especially when you will already have your hands full as you reopen. AllTechMD is here to help. For more information about how we can assist your business moving forward, reach out to us at 646-992-9092.