Peter Clarke, Managing Director, LanDynamix – leading cybersecurity and managed services specialists – expands on the question: What steps can organisations take to prevent security breaches?
Digital Transformation may have changed the way we work and live, with the proliferation of the Internet of everything and all that comes with it but the caveat is the security risk.
In today’s hyper connected world cybersecurity tips should not be taken lightly. Like millions of business owners in South Africa, you probably cannot imagine how a cybercriminal halfway around the world could possibly cause your business to suffer a data security breach.
Cybercrime is a major growth industry and organisations must implement a cybersecurity strategy that protects assets, customers and data from these threats – it is no longer a nice to have policy but crucial to the sustainability of all businesses.
LanDynamix has compiled the following eight security tips that will be invaluable in your fight to keep data and businesses, safe.
Train employees in security protocols:
- Create clear cut employee security practices and policies that include strong passwords
- Establish appropriate Internet usage guidelines that penalise violators of company cybersecurity policies
- Create a set of rules governing staff behaviour that illustrate how to handle and protect customer information and other vital data
Implement firewall security: Firewalls provide a set of related programs (software and/or hardware) that prevent outsiders from accessing data on a private network.
- Ensure the operating system’s firewall is enabled or install firewall software
- If employees work from home, make sure their home systems are protected by a firewall
Secure Wi-Fi networks:
- Wi-Fi networks are only as secure as the passcodes used and the more people who know this, the less secure it becomes
- Ensure your workplace Wi-Fi network is secure, encrypted and move to a Wi-Fi network that doesn’t require manual Wi-Fi passcodes, such as Enterprise Authentication and Encryption
Make backup copies of important data:
- Perform regular backups of data on all computers. Critical data includes word documents, spreadsheets, databases, financial reports, human resource dossiers, and accounts receivable/payable records
- Automate data backup processes and store copies either offsite or in the cloud
Control employee access to data:
- Prevent access or use of business computers by unauthorised individuals – laptops can be lost or be easy targets for theft, so lock them up when unattended
- Ensure a separate user account is created for each employee and apply strong passwords
- Allow only trusted IT staff and key personnel to have administrative privileges
- Use encryption to secure all data on laptops because this prevents access if that device is stolen
Implement multi-factor authentication:
- Compel employees to use unique passwords and change them every three months
- Consider implementing multi-factor authentication that requires additional information beyond a password to gain entry
Protect data with clean machines:
- Keep clean machines – deploying the latest security software, web browsers, and operating systems is the best way to defend against viruses, malware, and other online threats
- Set antivirus software to run a scan after each update.
- Install other key software updates as soon as they are available
Create BYOD policies: Mobile devices can create significant security and management challenges, especially if they hold confidential information or can access the corporate network.
- Oblige users to password protect their devices, encrypt their data, and install security applications to prevent criminals from stealing information while users’ devices are connected to public networks
- Be sure to set reporting procedures for lost or stolen equipment