When it comes to IT security there is no 100% sure solution. We all wish that we could install one program to stop all malware problems but the world is not that easy. The best IT security technology can only protect people if they are being smart on their computers. After all, humans error is the main culprit after a data breach.
Safe technical policies are the steps that everyone on your team knows so that they create a security focused culture. After all, everyone in the work environment is connected through the internet, so having everyone on the same page makes it more difficult for a harmful mistake to happen. Here is a good list of policies that should be integrated into everyone’s technical policies to make there IT security stronger.
Make everyone go through an IT security training.
IT security training will help people know proper policies when dealing with emails, suspicious logins, and phishing scams. These training will go over common scams so that they know what to look out for, as well as how to proceed after seeing a potential attack.
IT security training has numerous benefits but most importantly it is the first step to giving everyone the security groundwork to be safe online.
Learn to Confirm!
Humans can be lazy when it comes to security. It is very common to see an email from someone that you trust and not think about what is going on. This is why humans are the weakest part of an IT security network.
One common mistake is to receive an email from a client requesting payment, but they client mentions that they changed banks and gives new details on how to send the payment. The email address may not look suspicious so the person sends the money without thought. Later, the clients calls and says they never received payment, but the records show money was sent.
What happened was that an attacker used a phishing email that looks trustworthy, making the worker drop their guard. Then they say something sensible about changing banks, which you don’t check because you trust them.
ALWAYS CHECK WITH THE BUSINESS IF THEY SAY THEY CHANGED BANKS!
If this worker had simply picked up the phone and called the business to double check the banking information then they would have learned that this was a scam. It only takes a second to confirm with someone, but it could save your business.
Scams like this can happen to a new secretary or an experienced CEO. Tricks can be hard to spot, so when it doubt, learn to confirm!
Password Etiquette
If you want to have a security focused office then you need to emphasize password etiquette. Something as simple as a strong password can stop brute force attacks that cause problems for many businesses. Good advice for password safety include:
- Having a password between 15-20 characters
- Use numbers, symbols, capitals, and others to make it complicated
- Make your password extremely unique
- Use a Two factor authentication whenever possible
- Use a password manager
Having a combination of these practices will be sure to tighten up security across a network.
Talk with IT!
One of the biggest mistakes people make is not talking with IT when they think there might be a problem. Embarrassment will keep them from coming forward. They don’t want to get blamed for making a mistake.
However, more damage can happen by letting a problem grow and spread.
Talking with IT when you get a suspicious email, suspect a phishing attempt, or notice strange activity on your computer is essential to stop a problem before it gets out of hand. This is what the policies are all about. Teach everyone what to watch out for, but then trust the dedicated technical side of your team to solve the issue.
Make IT communication an essential policy. That goes for everyone from the intern to the CEO. IT is there to help, not to make you feel bad for not understanding something. If you have an IT team that is welcoming and helpful then your office will work together more easily and more safely.
Don’t Wait for a system failure!
Installing good IT security practices now can save you from incredible damage later. Do not wait until you are attacked to fix problems.
Talking with an experienced MSP can help get your IT network secured. Managed services can help implement strong security policies and provide IT support in the case of a breach. Give us a call to learn more about how Synchronet’s managed services can help with your businesses IT security.
