In a connected world, sound information security practices are crucial for every employee of a business. Even a single simple lapse in judgment, like clicking on a link in a “phishing” email, can put all computer networks- and the sensitive information stored on them- at risk.
Every business must educate and train all of its employees on how to protect information and computer systems.
Below are a number of best practices (by no means a complete list) for securing personal and business devices and networks.
- Use strong, unique passwords for your online accounts. Consider using a password manager.
- Set your devices, including your smartphone, to lock after a short time, and require a passcode to unlock them.
- Patch and update all your software, applications, and operating systems regularly.
- Employ dual-factor (2-step) authentication as appropriate, both on corporate networks and for popular online sites (e.g. Google, Twitter, Facebook, LinkedIn).
- Avoid public computers and Wi-Fi, or work through a virtual private network (VPN) when accessing public Wi-Fi.
- Be skeptical on the Internet, and with emails, texts and other communications.
- Never click links or open attachments in emails or texts that appear to come from your employer, bank or any other institution. Always login to your accounts directly.
- Verify your privacy settings on mobile devices and in your social media accounts.
- Backup all of your devices and storage systems.
- Consider yourself a very important line of defense against hackers.
Employing these practices will not guarantee the security of your devices, networks, and information. However, creating security awareness and a culture of security will help eliminate or reduce the human error that so often compromises security and costs individuals and businesses dearly.