Our blog mistress, Ruby Usman, recently came across a very good article by Kashmir Hill from Forbes magazine. It comprised tips to achieve basic cyber security on devices that are being used for your business communication. We have adapted Kashmir’s points and added a couple more to come up with 10 simple things you can do to lessen the risk of your business being damaged by cyber vandals or malicious competitors.
- Make sure your employees password protect their devices: smartphone, iPads, Laptops, tablets, etc. Typing a password only takes two seconds. Operating without a password is the digital equivalent of leaving your office or car unlocked – you may get important stuff stolen.
- Make sure your employees sign out of any social media/personal accounts based sites that they login to. This slightly reduces the amount of tracking of Web use and prevents someone sitting down at a computer and snooping. As an extra precaution close the browser.
- Encrypt your company computers. The word “encrypt” may sound scary but it is easy to do. Encrypting your computers means that someone has to have your passwords (or encryption keys) in order to peek at the contents should they get access to your hard drives. On a Mac, this is done by FireVault and on a PC, this can be done by using BitLocker.
- Turn on 2-step authentication in Gmail. If your employees use Gmail for business communications make sure that they turn on “2-step verification”. Then in order for your Gmail account to be accessed from a new device, your employee needs a code that’s sent to her/his phone. So even if someone somehow gets a password, they won’t be able to use it to sign into a Gmail account from a strange computer. This could be annoying if a phone battery dies or when travelling abroad, but you can turn the feature off when abroad or phone-less.
- Ensure that browser history and cookies are cleared on a regular basis. Consider having your employees change their browser settings so that history and cookies are automatically cleared every session. Your employees should go to the “privacy” setting in their Browser’s “Options” and set to “never remember your history.” This will reduce the amount of on-line tracking.
- Use an IP masker. When you visit a website, you leave a footprint behind in the form of IP information. If you want to visit someone’s blog without their necessarily knowing it’s you — say if you’re checking out a business competitor — you should consider masking your computer’s fingerprint, which at the very least gives away your approximate location and service provider.
- Put a Google Alert on your company name. This is an incredibly easy way to stay on top of what’s being said about your company online. It is easy. Enter your company name, and variations of it, with quotation marks around them – that’s it.
- Lost or Stolen Devices. Consider using a ‘traceback’ app for smartphones and laptops that allows you to track stolen/lost equipment if it is connected to the internet.
- WiFi security. Configure your office WiFi with encryption; be aware that a lot of free WiFi connections don’t have encryption; and never send plain text passwords on an un-encrypted connection.
- Portable disk drive (USB) security. USB drives should be encrypted. Purchasers of job-lots of USB drives have found that few were encrypted and many of them contained malware and/or personal and business data.
Sources:
- http://www.forbes.com/sites/kashmirhill/2012/08/23/10-incredibly-simple-things-you-should-be-doing-to-protect-your-privacy/
- Information Age magazine February 2013
