New Year’s resolutions – we make them; we forget them. But, to keep your company and employees safe and productive in 2019, here are “Seven IT-related Resolutions” for your company to seriously consider.
Enable Two-Factor Authentication on All Your Cloud Services.
Two-factor authentication is a security enhancement in which, in addition to their standard password, the user requires an additional authentication method to verify that they are the one logging into the service – this usually comes in the form of a code sent to their mobile phone.
Why you need it: Internet hackers are exceptional at figuring out userids and passwords, enabling them to log into a company’s online accounts. The most frequent example of this is to gain access into an email account – once hacked, they set up rules to have all received emails sent to them. If you, your employees, customers or partners ever email sensitive information, then you absolutely don’t want this to happen.
By using two-factor authentications you ensure that only computers that you trust can access your account, and you get alerts if someone else is trying to log in as you.
Create a Disaster Recovery Plan. If You Have One, Review It.
There’s no way to predict the future! Murphy’s Law tells us that anything that can go wrong will go wrong. Without a well-thought out recovery plan, your company’s ability to operate could be compromised – perhaps for hours, maybe days, or possibly even longer.
What could go wrong? Here’s a quick list of the most common issues:
- User error – We all make mistakes: User error (deleting or losing files or data) is often cited as the leading cause of data loss.
- Hardware Failure – hardware often fails, due to normal wear and tear, defects or the explainable.
- File Corruption & Software Failure - Software will occasionally fail. Files and data get corrupted or deleted without warning.
- Natural Disasters and Extreme Weather – Power outages, small leaks, and other less severe issues create costly downtime.
- Insider Threats – A disgruntled employee could intentionally encrypt, delete, steal or corrupt sensitive information.
- Cybercrime - Viruses, malware and cybercrime – especially ransomware – are an increasingly- dangerous threat.
Make sure your important data is encrypted.
Do you have any types of files or data that have significant security concerns? These could be:
- Files or data that have a regulatory compliance requirement
- Files that contain “Personal Identifiable Information” – think social security numbers, bank accounts, home addresses and phone numbers
- Files that include Intellectual Property that, if leaked, could jeopardize the company from competition.
If the answer is yes to any of these questions, then consider applying encryption to this data while it is stored in the office. If this data ever travels outside of the office, it likely needs to be encrypted – this includes if it is sent by email or stored on a company employee laptop.
If you aren’t using Cloud Storage, create a plan to do so.
Companies that migrate their files to cloud services, like Office365, see numerous benefits, including improved productivity and reduced risk - both good things! Specific benefits include:
- Freedom from VPN! Your staff can access and work on their files from anywhere – from home, a hotel, or on the train while commuting. And, they can do so from a computer, or from a simpler device like an iPad or their mobile phone.
- Get Collaborating! Cloud storage offerings enable your staff to work on the same files at the same time – collaboratively editing documents, reviewing comments from coworkers, and speeding up the time to deliver their documents.
- Didn’t Save? Don’t Worry. Now, your staff no longer need worry about saving their files – as changes are automatically saved, and you can revert to any previous version – all of which are stored in the cloud.
- All files are automatically backed up and can be recovered to any previous versions – no more worry about whether the backups in your office are working properly.
Make sure your users are not administrators of their computer.
Do you have a policy that ensures that your staff are not setup as ‘Administrators’ on their computers? When a user downloads a virus onto their computer – if they are configured as an administrator on their computer, they provide the virus with unfettered access into their computer.
However, if the user is not setup as an administrator, the virus has a much more difficult time infecting critical parts of how the computer operates, making the virus significantly less dangerous and damaging.
Review your password policy.
Do you know what your current password policy is? Are your users forced to change their password periodically? Do you require that their password be a complex password? If you are not sure, it is time for a password policy review
In today’s world, your passwords should change at least every 90 days, should require complexity, and should temporarily lock the account out if someone unsuccessfully attempts to login several times in a row.
Ensure that you are using Web Filtering as an added layer to protect users from Malware and Phishing Sites.
Web filtering is not just for preventing users from accessing Streaming and Social Media sites. Most companies don’t care if their staff access YouTube or Facebook – but, would love to prevent users from accessing sites that have malware on them or are Phishing sites.
Web Content Filtering is a significant last line of defense to prevent users from accessing dangerous websites and is very easily implemented.
With the right help, these “7 Resolutions” can be a lot easier to follow through on than losing those extra 10 holiday pounds or getting to the gym every morning. And, of course, the LightWire team would be happy to discuss how we can help you. And until we talk – all of us at LightWire wish you a Safe and Productive New Year.
Learn more about our Fixed-fee IT Services.
Call (617) 395-8008