In a connected world, sound information security practices are crucial for every employee of a business. Even a single simple lapse in judgment, like clicking on a link in a “phishing” email, can put all computer networks- and the sensitive information stored on them- at risk.

Every business must educate and train all of its employees on how to protect information and computer systems.

Below are a number of best practices (by no means a complete list) for securing personal and business devices and networks.

  1. Use strong, unique passwords for your online accounts. Consider using a password manager.
  2. Set your devices, including your smartphone, to lock after a short time, and require a passcode to unlock them.
  3. Patch and update all your software, applications, and operating systems regularly.
  4. Employ dual-factor (2-step) authentication as appropriate, both on corporate networks and for popular online sites (e.g. Google, Twitter, Facebook, LinkedIn).
  5. Avoid public computers and Wi-Fi, or work through a virtual private network (VPN) when accessing public Wi-Fi.
  6. Be skeptical on the Internet, and with emails, texts and other communications.
  7. Never click links or open attachments in emails or texts that appear to come from your employer, bank or any other institution. Always login to your accounts directly.
  8. Verify your privacy settings on mobile devices and in your social media accounts.
  9. Backup all of your devices and storage systems.
  10. Consider yourself a very important line of defense against hackers.

Employing these practices will not guarantee the security of your devices, networks, and information. However, creating security awareness and a culture of security will help eliminate or reduce the human error that so often compromises security and costs individuals and businesses dearly.