Security

Cyber Security Best Practices for Your Employees

By December 13, 2017 No Comments

The age of the mobile device has opened valuable doors for businesses looking to maximize their workers’ productivity. Today’s laptops, tablets and smartphones make it possible for your employees to access server data, submit their work and collaborate with teammates from any point in the world with a cellular signal or an internet connection. But with these new capabilities come new risks to your data security, which means that you and your employees need to make sure you’re playing it safe with that mobile technology. Here are some smart remote computing practices that your team should implement.

Taking Passwords Seriously

You might be surprised (and horrified) at the number of ridiculously simple passwords currently “protecting” mobile devices and computers, from “1234” or “Guest” to the name of the company or employee. Require your employees to set up password-based access to their devices — and to make those passwords as long and elaborate as humanly possible. You can install programs that will generate and remember these impossible-to-remember programs for the employees. These programs make it unnecessary for your employees to store copies of the passwords where they can be seen and used by the bad guys.

Adding Two-Factor Authentication

No matter how hard a password may be to crack, it still offers only a single barrier between your business’s precious data and the outside world. Add two-factor authentication, and the your employee’s mobile devices (and the data they’re accessing) become much harder to hijack. The second factor may be a question that only the specific employee could answer, or it might be a secondary password send to another of your employee’s devices.

Connecting to Virtual Private Networks

Wireless networks are incredibly handy, but the lack of a dedicated connection opens your employees’ data transactions to eavesdropping and misdirection efforts by other mobile users sharing the same public server. To work around this threat, make sure your employees are always connecting through virtual private networks, or VPNs, whenever they’re using a public Wi-Fi channel. A VPN is a program that funnels the connection through an encrypted channel, so only the parties at both ends of the connection can read the data. Many VPNs can also anonymize employees’ locations by rerouting the connection through a server in another state of even another country.

Using Secure Websites

If you’re a Google Chrome user, you’ve probably noticed that Chrome has added an icon warning you when you’re connected to a non-secure site. These sites are still using the HTTP protocol, which is highly vulnerable to spoofing and other exploits, as opposed to the more secure HTTPS protocol with SSL (Secure Socket Layer) protection. Tell your employees to stick with websites using HTTPS whenever possible, and never to submit sensitive data to an insecure HTTP site. Employees can usually tell when a site is secure, not only from the HTTPS prefix, but also from an icon depicting a lock to the left to the URL.

Here’s one last suggestion aimed not at employees, but at employers and their IT department heads: Think twice before initiating or continuing with a BYOD (Bring Your Own Device) policy. Granted, workers love being the convenience of simply using their personal devices for work as well as play. But BYOD places a serious strain on your ability to keep that mobile usage secure against malware and hackers, especially when you consider all the different OS versions these various devices may be using. Issuing company devices that run specific operating systems and software can help you keep those devices properly updated, patched and otherwise secured.

You don’t have to fear the potential dangers of mobile computing for your business as long as you and your employees take commonsense steps to protect that all-important data. Give the ideas listed above serious thought — and then get the IT support you need to help you put them to good use!

Sources:
http://blog.securitymetrics.com/2016/08/how-to-do-passwords-right.html
https://www.pcmag.com/article2/0,2817,2456400,00.asp
https://www.bestvpn.com/vpns-beginners-need-know/
https://www.searchenginejournal.com/google-is-requiring-https-for-secure-data-in-chrome/183756/
https://www.securitybeacon.com/byod-bring-your-own-device-bad-idea/

TechWerxe

About TechWerxe

TechWerxe is a leading IT company focused on providing companies with customized solutions for their business.