Hackers, malware authors, and identity thieves are all on the prowl for ways to access your IT devices and harvest your enterprise data. Fortunately, you can take measures to defend yourself by following a few common-sense steps. Below, we’ll go over the 5 most important yet accessible protections that you can take to keep your IT devices safe.
Use Strong Passwords
This is rule #1 of protecting your IT devices, but far too many businesses continue to overlook it. Set a minimum length for employee passwords, and enforce a certain degree of complexity in the characters (such as capital letters, numbers, and symbols).
Make sure employees don’t use the same password in multiple locations and consider implementing two-factor authentication, which combines passwords with another layer of security (e.g. a code given to the user in a phone call or email). If passwords are stored on your local network, you should encrypt or hash them so they’ll be useless to any hackers who break in and find them.
Install Patches and Upgrades
Installing new software updates is like going to the dentist—you may not particularly enjoy it, but it’s essential to keep yourself protected. Software updates contain valuable bug fixes and patches that cover up security vulnerabilities.
In fact, countless data breaches could have been prevented if IT had installed new security patches in a timely manner. The Equifax 2017 breach, for example, occurred due to a vulnerability in third-party software (the patch had been available for months before the attack).
Related Content: How to Protect Yourself from Identity Theft
Back Up Your Data
IT devices, particularly mobile ones like smartphones and tablets, are highly susceptible to physical damage — which can obliterate all the data they contain.
But when you back up your data in the cloud, your data will be safe from physical damage. Whether your laptop refuses to turn on, your smartphone is stolen, or your workstations are wiped out by a natural disaster, your data will be okay and easy to recover.
Related Content: 8 Things to Include in the Perfect Disaster Recovery Plan
Avoid Suspicious Emails
Emails remain a common attack vector for bad actors to spread malware or steal your personal data. If your employees receive an unusual email from someone they don’t know, they should report it to your security staff. They should also never open unsolicited email attachments.
“Phishing” emails attempt to impersonate a trusted entity, such as a bank or government institution, in order to trick you into providing sensitive information. Train your employees on how to recognize phishing messages, or use an email provider with advanced phishing detection capabilities.
Use Secure Connections
If you connect your IT devices to the Internet using an unsecured connection, it’s all too easy for malicious third parties to “listen in,” eavesdropping on your potentially confidential data. Never use a public network unless you’re protecting your connection with a VPN that encrypts the packets you send and receive.
Instead, make sure you use secure protocols such as SSL, TLS, and HTTPS, which will help safeguard your sensitive data. When browsing the web, look for a padlock icon next to the URL, which indicates that the website uses a secure HTTPS connection.