How does your business secure IT resources within the premises? If you don’t have a system in place there are two main areas of focus to ensure cybersecurity - your physical devices and how those devices connect to the internet.
It’s easier to steal a laptop or mobile that’s sitting on a desk than to hack through multiple layers of online security, so ensure your physical infrastructure is secure in the new premises. Physically lock desktop computers to desks and limit access to any business servers/computer rooms. Make it difficult for thieves to remove your computer hardware from your premises.
When team members are away from their desks, ensure that they enable password-protected screensavers/lock screens so that anyone passing by cannot access their device without a password.
Use drive encryption on all desktops, laptops, mobile devices and USB sticks so that should these devices be lost or stolen the data on them is useless in the hands of criminals. Encryption programs such as TrueCrypt are available for free.
Protect your Internet Connection
To keep your internet connection secure don’t share it with another business, even if they’re in the same, shared office space. The few pounds saved are not worth the significant security risk. Always have your own direct connection to the Internet and be in sole control of the hardware that connects it.
Change the default authentication to access the router’s admin panel, physically restrict access to the hub/router, and protect any Wi-Fi network with WPA2, using a strong password that isn’t used elsewhere. Don’t write down the office Wi-Fi password on a whiteboard, and don’t just give it to anyone.
If you’re not already adopting the following security measures, 2014 might be a good time to start. If you host services in the cloud, use an ISO 27001 accredited provider as it will ensure it meets security management standards of confidentiality, integrity and availability; avoid using unsecured Wi-Fi networks; don’t jailbreak devices; keep software up-to-date, run regular anti-virus and anti-spyware scans, and educate employees on phishing, spoofing and social engineering scams.
Perhaps most importantly, adopt a strong password policy to protect all of your business accounts. Be sure to avoid using insecure practices such as storing passwords in spreadsheets or Word documents. A password management solution such as my1login makes it easy to use strong, unique passwords for all business services. my1login also provides a mechanism to securely share specific passwords with team members, provides an audit trail of who has access to what and when, and makes it easy to cease employees who leave the business.
It doesn’t need to be expensive to implement good policies to keep your team and your business secure. Don’t wait until the worst happens before taking action. Be pro-active and implement strong security policies before the company suffers a breach.
If you'd like to see how my1login can improve your business's online security and help protect you against hacks in 2014 try out the my1login password manager for free, or leave your email address and we'll send you an information pack.