As cyber-attacks continue to make headlines and unlawful access to customer data rises, one might think that it must be a daunting task to minimize these risks and exposure. However, like with any threat, it is important to get the basics right. Here are some simple tips to protect your customer data and hopefully reduce your risk and exposure.
Never Re-use a Password
It is all too common to hear of people reusing passwords. We, humans, are just not made to remember a list of passwords. Having one password and remembering one complex password is usually the way to go. Unfortunately, this is the sort of haven that hackers thrive on. One cracked password and multiple access is gained. Staff and users need to be trained, taught and mandated that they cannot re-use passwords. If remembering them is a problem, consider deploying a secure password management tool.
Shred Your Papers
As old school as this may sound, but dumpster diving is still a valid problem. Valuable customer data is usually printed out and then tossed into the waste paper bin without a care as to how much information is on it. Information found from the bins of businesses can then be quickly sold or published. It is not only a good practice to shred sensitive documents, but it is also necessary to instill a sense of responsibility to staff and users. They need to be responsible and dispose of all customer data in an appropriate manner. Let shredding of printed documents be a regular practice in your business.
Still Using Accounting Spreadsheets
While that Excel spreadsheet might be sufficient for all your number-crunching, from the security standpoint, that spreadsheet is an invitation to a number of vulnerabilities. Even with password-protection, spreadsheets are not designed to safeguard your financials or those of your clients. Consider upgrading to a proper accounting solution with built-in customer data protection and security guarantees.
Train Staff Continuously
You will be surprised but many a time, staff training is taken for granted. While it might be common to rely on common knowledge, it can be extremely beneficial to hold special lunch-time talks to bring your staff up-to-date on the latest vulnerabilities and hacking techniques to ensure that you and your business don’t fall prey unknowingly.
Limited Access
Just like in a bank where only the bank manager has the keys to the vault, one will need to limit access to your data. Revoke employee access as soon as they leave your business or employment.
Have a staff switching teams/department? Ensure that he/she only retains access to perform his/her new role. Access inherited from the old role should be revoked.
What about accessing data remotely? Do you have in place a set of rules to govern remote access? Since its remote, how can one be certain that the individual accessing the data is a valid staff member? Implement different access levels to govern your business data. More importantly, implement mechanisms to keep data out of prying eyes. If the user doesn’t need to access the HR-Personal-Folders, why should he/she see its existence?
Keep Your Software Updated
As simple as it may sound, always keep the operating system and its accompanying applications updated. In our connected environment, running outdated software is an open invitation for cyber-criminals. They are known to look out for weaknesses in business software and would exploit this willingly.
While the constant reminders and pop-ups for keeping your machines updated can sometimes be annoying, they do play a part in keeping your machines and your business safe. Make it mandatory to run an updated operating system, updated anti-virus, and updated software on all your business machines.
Did You Know
We offer Managed IT Services to ensure that our clients and their technology are operating at their optimal efficiency. If you find yourself asking and not knowing about the update status of your business machines, you should be concerned. If no one knows, no one monitors then its likely that your machines are not up-to-date. Do you know if all your business machines are up-to-date? Is there a machine running outdated software in your business?
Don’t leave it to chance, contact us and let us show you how we can keep your business technology operating at optimal efficiency. We can provide you with an ease of mind, knowing your business machines are monitored and running up-to-date software at all times. Contact us today!
ManagedIT.SG is an IT Support, IT Solutioning and Managed IT Service Provider specializing in serving Small Businesses in Singapore. Call us at +65 6748 8776 and let us manage your Small Business IT today!