10 Security Tips for Business Owners and Employees

Cyber security should always be in the back of your mind at home, at work and even in your own business. Cyber criminals are always looking for ways to gain access to personal information and, believe it or not, sometimes the answers and passwords we use are hidden in plain sight.

These are 10 basic tips we recommend to our clients and friends at all times. For more advanced security, our services are always available. Please note that they are in no particular order; they are just tips you should try to keep in mind.

1. Backup and Redundancy

It is important to keep a backup of all your data, not only because your device could get lost or stolen, but because ransomware is here to stay. We know your family pictures mean the world to you. Databases, software licenses, contracts, purchase orders and your customers' invoices are the bread and butter of your company. Why not have a redundant system that helps you protect them?

There are simple solutions nowadays that do that automatically for you. Carbonite is one of them. It is software that makes copies of your documents and keeps different versions of them on its secured “cloud”. This protects your data from hardware failure, ransomware attacks and even a lost device.

2. Keep your devices up to date

Keeping your computer or mobile device up to date with the latest updates is an important part of securing your information. Sometimes these updates are not tested correctly when they get released to the public, but most manufacturers are getting better at it every day.

We recommend using web browsers like Google Chrome or Firefox. These browsers are always releasing new patches and updates to make their products more secure.

3. Vintage Technology

You would be surprised how many companies still require you to send them a “fax”. Worse still is when they require a credit card authorization to be completed in full and sent via fax. There is an entire generation of new employees in offices around this country who have no idea what a fax is, yet they need to learn on the fly how to send or receive one.

If you are a business owner and are required to have a fax machine for compliance purposes, please make sure the machine is in a secluded and secure location (inside someone’s office). Also, please make sure to archive or destroy the fax after you use it. The best alternative to a fax machine is an email-to-fax service like MyFax, where all your faxes are managed using your email client.

If a company requires you to send a fax, please ask for an alternate delivery method (email or web form). If there is no choice, please follow up to make sure they received the information and that they handle the data securely.

4. If it is not your device DO NOT LOGIN

If you need to check your email, log in to your bank account or make an online purchase and you do not have your personal device, ask yourself: “Can this wait? Can I do this later once I get to my computer?” It is never a good idea to log in to your personal accounts using an unknown device or network. Your data could be copied or stolen.

If, and only if, you need to log in to your bank account, email or any other personal online account because it is an emergency, we suggest you try using Incognito mode in Google Chrome or an InPrivate session in Microsoft Edge to access the account, and make sure you log out once you are done. Once you regain access to your trusted computer, change your password immediately!

5. If you don’t need WiFi, don’t use it

Most cellphone wireless plans nowadays offer unlimited data. There is no reason or excuse to jump on a wireless network these days, especially public wireless networks. In some cases, you might be lucky enough to get the cubicle or office with the dead spot in the entire building and you might get little to no signal. If you are the lucky one, and there is no other form of communication around, then you should close all your apps on your cell phone and use the guest wireless network whenever you need it.

If you need to use WiFi, we recommend you use a VPN connection like VPN Unlimited to prevent any data monitoring.

6. Rotate your passwords

You will be surprised how many times we encounter users that still use, in 2019, passwords like “Password123” or “Snoopy99” for every account they use online.

This is why we always recommend that our users rotate their passwords at least every 6 months. As we said at the beginning of the post, every day new threats are being created to attack your devices and to gain access to your passwords. Sometimes you don’t even know your password is compromised.

We recommend using services like Dashlane. It offers a one-click solution to all your passwords and you don’t even have to remember any of them; you only need ONE single password to access your Dashlane platform. Dashlane can also rotate your passwords as you request. It accommodates the complexity requirements and regulations of all the accounts you manage.

Want to know if your password has been compromised? Check this out: https://haveibeenpwned.com

7. Social Engineering

Social engineering is a way of gaining access to corporate resources using intimidation, threats or even pretending to be the “fly on the wall”.

For example, if you see a stranger wandering around the office, introduce yourself and make sure they are in the right place, or at least help them find the person they are looking for. You would be surprised how many “random” people walk around offices plugging USB flash drives into employees’ computers.

If someone calls you or emails you “by accident” and attempts to get information from you through manipulation or intimidation, there is nothing wrong with saying no or not even answering back. You need to report the incident immediately to a superior or your IT Team to activate security procedures.

8. Share less on social networks

Social networks are the main source of important information about our lives: where we work, where we went to school, our friends’ information, our best vacation spot, etc. It is important to share the least amount of information, keep your profile secured and avoid accepting friend requests from unknown accounts.

9. Be careful where you click

When in doubt, please don’t click on it. If you receive an attachment from an unknown sender, or an email that looks suspicious or out of order, please don’t click on it. Make sure you delete it and/or report it to the IT team to make sure someone else in your organization hasn’t fallen victim. Spam filters are always a little step behind the latest phishing trends.

Think you’ve got what it takes to spot a fake site? Give this Phishing Quiz a try.

10. Lock your computer up!

Always lock up your devices with a password before leaving them unattended. Whether you use a Windows PC, an Apple computer or any other type of device, you should always have a way to lock it, protected by a password, before you leave it unattended. If you keep important information on a flash drive, put it away as well.

Sticky notes are for quick mental notes. Please do not write your password on a sticky note; that defeats the purpose of this entire post!

If you have any questions, or if you would like us to do an assessment of your Network Security in your home or office, please make sure to fill out the information in our contact form.
