When many business owners think about protecting their data from being compromised, it seems like a daunting task. However, protecting your data doesn’t have to be a difficult process. By following four simple rules, you can drastically improve your security, preventing your data from being stolen or destroyed. All of your employees should be using strong passwords, they should be logging out of accounts when not at their computers, they should not all have administrator privileges, and they should know how to spot malware.
Create a Strong Password and Keep it Secret
When it comes to data security, using strong passwords has the highest return on investment. Creating a strong password only takes a few seconds, and yet it’s the number one defense against data breaches.
Your password should be at least 8 characters in length, but the longer your password the better. Longer passwords are more difficult to crack. It should also include uppercase and lowercase letters, numbers, and special characters. And to make an example of one of the worst passwords to choose, rather than using “password” it would be better to use “P@55w0rd” — please don’t use any variation of password as your password.
Additionally, you should use unique passwords for each account and regularly change your passwords to make them even harder to figure out. And while it may be tempting to write down your new passwords every time you change them, refrain from doing that. If you happen to lose whatever it is you wrote your password on, or even if someone else sees it, your data could be compromised. Finally, enable two-factor authentication whenever possible. This will send a one-time use code to either your email address or phone number which will be used in conjunction with your password to log in.
Log Out When Not at Your Computer
Even if you’ve crafted the ultimate password, it doesn’t matter if you don’t log out of your account, allowing someone to bypass the password and gain access to sensitive data. Passwords are great for keeping outsiders out, but your computer is secure in your office building, so does logging out matter? Well, as it turns out, you don’t want insiders getting into your business’ network under different usernames either. Even if your coworker doesn’t have malicious intent, you wouldn’t want them accidentally messing anything up while logged in as you. And if they do have malicious intent, they could reset your password while you’re away and compromise important data under your name.
Restrict Administrator Privileges
Administrator accounts are often used unnecessarily. In fact, even on your personal computer at home you should not be using an administrator account for day-to-day operations. So with this in mind, not everyone in your company needs an administrator account — these accounts grant access to the entire system, which can do more harm than good. These accounts should generally be restricted to those who need them, including any in-house IT professionals. The best way to think about it is: There’s no reason for someone in your marketing department to have administrator access to your accounting documents.
But why does it matter what sort of account privileges each user has? Just because your marketing team has access to financial documents doesn’t mean they’re ever going to use that access. That’s correct, but in the wrong hands an administrator account can severely compromise your data. For example, not everyone with administrator privileges may know they have those privileges. What happens if they accidentally delete something they shouldn’t have had access to in the first place? And, if a hacker gains access to an administrator account, they’ll suddenly have access to your entire network.
Has someone’s account information been compromised before? Then they probably shouldn’t be an administrator.
Watch Out for Malicious Software
The biggest problem when it comes to malware is spotting it. Often, it’s nearly impossible to tell if something you’re downloading is malware or not simply because it’s specifically designed to look benign. However, there are a few things you can do to protect yourself from downloading a damaging virus or other malicious software.
Only download things from trusted sites. If you don’t recognize the site as a trusted brand, it’s a good idea not to download anything from it. Additionally, stay away from video streaming and torrent sites, as well as any site with adult content — this adult content may be in the form of ads, not necessarily the actual content on the page. These sorts of sites are often prime breeding grounds for malware downloads.
To improve your security even more, it’s highly recommended that you use an antivirus software to scan files before downloading. Some antivirus software automatically scan all files you attempt to download, while others will allow you to manually scan files before the download begins. Ad blockers are another, albeit small, level of security. They can block spam pop-ups or malware-laced ads. The majority of ad blockers also have a whitelist feature, so they can be set to only block ads on untrusted sites.
If you want to protect your business’ data with relative ease, create strong passwords, log out of your accounts, restrict administrator privileges, and know how to protect yourself against malware. And for additional protection against threats to your sensitive data, an IT service provider can help.
Protect Your Business with IT Services Group
For all your IT needs, including protecting your data from being breached, IT Services Group is here. Contact ITSG today to learn more about how our managed services can protect and streamline your business.