Our reliance on technology, coupled with the increasing amount of data we share online, has left us vulnerable to cybercrime. For this reason, cyber security has become hugely important to all businesses and also to individuals hoping to protect their personal data. And while it’s positive to see that more and more people are understanding the importance of proper security systems and regular checks, it’s almost impossible to be completely safe from cyber criminals.
That said, there are steps that both businesses and individuals can take to significantly reduce the risk of falling victim to a scam or being targeted by hackers. Promoting best practices at work and in your personal life is the best place to start, and this can be done in the form of a cyber security assessment checklist. For the purpose of this article we’ll look at how companies can protect themselves and their customers/clients from cybercrime, though most of these practices can also be applied to individuals looking to stay safe online.
Below is a 10-step checklist from Evalian for professionals and businesses who want to protect themselves from hackers, online scams and any other potential security threats. You can use this checklist yourself or put together your own similar version to ensure you’re ticking all the right boxes and doing all you can to reduce the risk of cybercrime.
1. Check Your Operating Systems Are Updated And Promote Best Practice
No matter what system you run, be it Apple or Windows, you need to make sure you’re using the latest version. Ensure that your systems are set to automatically update when a newer version is available. You must also encourage all employees (yourself included) to shut down computers after use. This will prompt them to install any system updates and will declutter the system overnight. It’s also helpful to remind staff to run updates on their smartphones or tablets; these can also be set to update automatically.
2. Make Sure You Have Antivirus Software And You Complete The Updates
On a similar note, you need to make sure that your company has antimalware programs installed to help fight viruses. Then ensure that these are checked regularly for any updates, or that all computers are set up to report the status of antivirus software and automatically update when required. It can also be a good idea to have a member of technical support review these on an annual basis to see if any better systems have been released and whether it’s worth changing to better software.
3. Enforce A Strong Password Policy
You’re probably familiar with the password hoops you have to jump through when trying to register for any new website or system. It is suggested that complex passwords have at least eight characters, one upper case letter, a number and a special character. While this can feel complicated, strong passwords are the key to reducing the risk of a cyber security breach. As a business it’s best to allocate passwords to staff when they join, or promote best practice and teach them how to generate their own strong password. Either way, it’s a good idea to encourage everyone to change these passwords regularly, three to four times a year if possible.
4. Make Sure All Devices Are Secured
All devices containing sensitive or private information need to be secured, whether that’s physically locking up the office at night and ensuring an effective security alarm system, or encrypting data drives and ensuring all mobile devices or laptops are locked with a password when outside the office.
5. Don’t Forget Automatic Lock Screen
Set all computers or mobile devices to lock automatically when they’ve been left idle. This stops any wandering eyes from seeing private information. It’s also a good idea to teach all staff to lock their screen when they leave their desk, even if it’s just for a minute or two.
6. Educate Staff About Email Best Practice
While most email services do the best they can to find spam or potentially dangerous emails, they can’t catch them all. Remind staff never to click on links or attachments from unknown or suspicious-looking emails. By checking the address of the sender or by running the email past IT staff, employees reduce the risk of installing a virus onto their work computer.
7. Make Sure All Connections Are Secure
The IT team must make sure that a secure network or VPN (Virtual Private Network) is in place for everyone working in the office. Those doing work outside the office environment must be reminded not to log onto public wifi when sharing or using confidential information. It’s a good idea to teach all staff about best practice when it comes to using wifi connections outside work.
8. Dispose Of Data Or Old Equipment Properly
Any equipment or paperwork that contains personal data that is no longer needed should be disposed of accordingly. This could mean shredding paperwork, reformatting drives or destroying physical equipment to ensure it is not found by ‘dumpster divers’ or anyone who may get their hands on the equipment once you’re done with it.
9. Hire The Right People
It’s a good idea to have an IT team or to hire in contractors that have expertise in cyber security related issues. These people will be able to implement new systems, check your security, train other employees and take action should there be a breach in security.
10. Put A Plan In Place For If There Is A Breach In Security
Finally, you need to make sure that you have a system in place should there be a security issue. This means educating all staff on who they need to contact in a cyber security emergency and ensuring that everything is dealt with as quickly as possible and documented fully to stop the problem from happening again. It could also be a good idea to take out security insurance as a backup.