Cy­ber-se­cu­rity 101

Trillions - - In this Issue -

Keep­ing your com­put­ers and mo­bile de­vices se­cure is an im­por­tant part of busi­ness th­ese days, and you don't need to hire a com­puter geek to cover most of the bases.

Not hav­ing se­cure com­put­ing de­vices can be very costly if they are com­pro­mised.

1.Train em­ploy­ees in se­cu­rity prin­ci­ples. Es­tab­lish ba­sic se­cu­rity prac­tices and poli­cies for em­ploy­ees, such as re­quir­ing strong pass­words and es­tab­lish ap­pro­pri­ate In­ter­net use guide­lines, that de­tail penal­ties for vi­o­lat­ing com­pany cy­ber­se­cu­rity poli­cies. Es­tab­lish rules of be­hav­ior de­scrib­ing how to han­dle and pro­tect cus­tomer in­for­ma­tion and other vi­tal data.

2. Pro­tect in­for­ma­tion, com­put­ers, and net­works from cy­ber at­tacks. Keep clean ma­chines: hav­ing the lat­est se­cu­rity soft­ware, web browser, and op­er­at­ing sys­tem are the best de­fenses against viruses, mal­ware, and other on­line threats. Set an­tivirus soft­ware to run a scan after each up­date. In­stall other key soft­ware up­dates as soon as they are avail­able.

3. Pro­vide fire­wall se­cu­rity for your In­ter­net con­nec­tion. A fire­wall is a set of re­lated pro­grams that pre­vent out­siders from ac­cess­ing data on a pri­vate net­work. Make sure the op­er­at­ing sys­tem’s fire­wall is en­abled or in­stall free fire­wall soft­ware avail­able on­line. If em­ploy­ees work from home, en­sure that their home sys­tem(s) are pro­tected by a fire­wall.

4. Cre­ate a mo­bile de­vice ac­tion plan. Mo­bile de­vices can cre­ate sig­nif­i­cant se­cu­rity and man­age­ment chal­lenges, es­pe­cially if they hold con­fi­den­tial in­for­ma­tion or can ac­cess the cor­po­rate net­work. Re­quire users to pass­word pro­tect their de­vices, en­crypt their data, and in­stall se­cu­rity apps to pre­vent crim­i­nals from steal­ing in­for­ma­tion while the phone is on pub­lic net­works. Be sure to set re­port­ing pro­ce­dures for lost or stolen equip­ment.

5. Make backup copies of im­por­tant busi­ness data and in­for­ma­tion. Reg­u­larly backup the data on all com­put­ers. Crit­i­cal data in­cludes word pro­cess­ing doc­u­ments, elec­tronic spread­sheets, data­bases, fi­nan­cial files, hu­man re­sources files, and ac­counts re­ceiv­able/payable files. Backup data au­to­mat­i­cally if pos­si­ble, or at least weekly and store the copies ei­ther off­site or in the cloud. 6. Con­trol phys­i­cal ac­cess to your com­put­ers and cre­ate user ac­counts for each em­ployee. Pre­vent ac­cess or use of busi­ness com­put­ers by unau­tho­rized in­di­vid­u­als. Lap­tops can be par­tic­u­larly easy tar­gets for theft or can be lost, so lock them up when unat­tended. Make sure a sep­a­rate user ac­count is cre­ated for each em­ployee and re­quire strong pass­words. Ad­min­is­tra­tive priv­i­leges should only be given to trusted IT staff and key per­son­nel.

7. Se­cure your Wi-fi net­works. It is best to now use Wi-fi due to the neg­a­tive ef­fects from the mi­crowave ra­di­a­tion, but If you have a Wi-fi net­work for your work­place, make sure it is se­cure, en­crypted, and hid­den. To hide your Wi-fi net­work, set up your wire­less ac­cess point or router so it does not broad­cast the net­work name, known as the Ser­vice Set Iden­ti­fier (SSID). Pass­word pro­tect ac­cess to the router.

8. Em­ploy best prac­tices on pay­ment cards. Work with banks or pro­ces­sors to en­sure the most trusted and val­i­dated tools and anti-fraud ser­vices are be­ing used. You may also have ad­di­tional se­cu­rity obli­ga­tions pur­suant to agree­ments with your bank or pro­ces­sor. Iso­late pay­ment sys­tems from other, less se­cure pro­grams and don’t use the same com­puter to process pay­ments and surf the In­ter­net.

9. Limit em­ployee ac­cess to data and in­for­ma­tion, and limit author­ity to in­stall soft­ware. Do not pro­vide any one em­ployee with ac­cess to all data sys­tems. Em­ploy­ees should only be given ac­cess to the spe­cific data sys­tems that they need for their jobs, and should not be able to in­stall any soft­ware with­out per­mis­sion.

10. Pass­words and authen­ti­ca­tion. Re­quire em­ploy­ees to use unique pass­words and change pass­words ev­ery three months. Con­sider im­ple­ment­ing mul­ti­fac­tor authen­ti­ca­tion that re­quires ad­di­tional in­for­ma­tion be­yond a pass­word to gain en­try. Check with your ven­dors that han­dle sen­si­tive data, es­pe­cially fi­nan­cial in­sti­tu­tions, to see if they of­fer mul­ti­fac­tor authen­ti­ca­tion for your ac­count.

11. Use Linux as your com­puter's op­er­at­ing sys­tem when pos­si­ble. Linux is free, open-source and is the op­er­at­ing sys­tem used by most In­ter­net, in­dus­trial and sci­en­tific servers and is vastly more se­cure by de­sign than Win­dows. And it doesn't spy on you like Win­dows 8 or 10 does.

Newspapers in English

Newspapers from USA

© PressReader. All rights reserved.