Cii Technology Solutions Blog

Top 10 Best Security Practices

With cyber attacks on the rise, it is important to be sure you’re letting the actions become subconscious.  Soon they will simply be second nature!

Below are our top 10 best security practices to keep your business safe!

Avoid unknown emails, links, pop-ups, and calls

If you are unsure who is trying to contact you, or something doesn’t look quite right, trust your gut. Social engineering attacks are successful because they are manipulating users to operate outside of their norm, causing them to unintentionally reveal information or take action against their company. Be sure to block emails and callers once you are sure they’re scams. Do not open unknown emails or click on suspicious links; delete them as soon as possible.

Make sure who you are dealing with is trustworthy

It is always best to verify the identity of those you are in contact with.  For example, if you receive an email  that your bank account has been compromised and is asking for personal information, give the bank a call to verify the email is legit.  Always be on the lookout for the tell-tale signs of a scammer. Are there grammar and punctuation errors? Do all of the visuals work correctly? Ask yourself if they really need that particular information? Is this consistent with how they’ve acted in the past? If something doesn’t add up, you may be the target of a scam.

Keep your programs and systems up-to-date

Updates can be annoying, but necessary. Updates and software patches fix vulnerabilities that could allow hackers into your environment.  While you may prefer to keep everything the same, or feel you don’t have the time for a system restart, keeping an old version of a program can provide a potential exploit to a hacker.

Use strong and different passwords

If your last name is Johnson and you’re 49 years old, do not make your password “Johnson49”.  Try to incorporate elements of your life that are more difficult for cybercriminals to guess.  Your password needs to be something you can remember easily, but the hacker cannot guess. Adding numbers, symbols, upper and lowercase letters can also make your password stronger. Do not leave your password in an easy to find place, such as a sticky note on your computer. Make sure it is in a place that only you can access. Regularly rotate your passwords and use different passwords between all login sites.

Use Multifactor Authentication (MFA)

Despite lots of platforms implementing multi-factor authentication, many people still choose to ignore it. While it may seem cumbersome, it can pay off! It is best to use your phone, a security question, or, in the case of sensitive information, a third party identification system.

Protect your mobile device

With the use of smartphones and other mobile devices growing in business, hackers have begun to use them as a key to your environment.  Make sure your phone is secured by:

1.  Browsing on secure Wifi networks

2.  Ensuring your phone is never left unattended

3.  Download security software (not applicable for iphone)

4.  Use the previously mentioned security practices for mobile apps and accounts.

Manage and limit administrative privileges

If too many of your employees have access to sensitive information, it increases the odds of data accidentally being leaked and creates more entry points to your business. Make sure only those who need these privileges have access and that they make sure they keep it to themselves.

Backup your data

You should always have a backup of your data. . If you fail to back up your data you run the risk of losing that information. Traditional physical backups won’t always work. If a machine is encrypted with malware, that malware can also infect anything else on your network. The best way to protect your data is to choose a cloud-based solution. The data is stored on a remote server in a data center protected by multiple layers of security. Having good backups stored offsite can help you avoid paying a ransom, and thus not supporting these criminal enterprises.

Use a trustworthy third party

Use a reliable security provider that has a wide range of experience in different technologies and industries as they will be the most well rounded and up to date on the current threat landscape.

A third party security provider who is dedicated to security and your business takes the pressure off of you. Since they specialize in security, these security providers have top of the line defense and 24 hour help lines in case something unexpected happens.

Stay aware

The best way to protect yourself is to stay current on emerging threats.  You can help with this by providing security awareness training to your staff. Partner with a firm that can provide insight into organization vulnerabilities and offer solutions on how to fix them.

Want to know if your company is vulnerable?  Call us today for a FREE assessment of your security risks!