Posts Tagged ‘employee tips’
7 Easy Ways to Improve Your Employees’ IT Security
No matter what type of business you’re in, employees remain one of the biggest threats to information security. Enforce these steps, and you’re well on your way to a stronger, more secure network.
-
1. Differentiate between files that contain confidential data and files that don’t. The ones that must be confidential should be dealt with first (whether that means deleting them or encrypting them).
-
2. Only save confidential data in a proper storage files. Don’t allow this type of information to be stored on individual PCs or laptops.
-
3. Keep track of portable storage device use. If a flash drive or portable hard drive contains sensitive information, it needs to be handled properly. Make sure the check out/check in process is formalized and that there is secure storage during non-use.
-
4. Require employees to log out of all applications (or even their computer) when they walk away. Depending on the type of work he or she does, this may need to be enforced even for short breaks.
-
5. Don’t allow employees to save non-work-related files to their computers, This includes pictures, music files, movies, or documents – especially those from illegal download sites. It is too difficult to monitor all files for safety.
-
6. Monitor all software installations. There are many types of free software (such as toolbars, instant messaging applications, and even web browsers) that employees might be tempted to put on their computers. These should only be allowed under your discretion.
-
7. Enforce email and email attachment rules. These should be a part of company policy and be strictly monitored.
What Makes a Good Password?
The passwords you and your employees choose may be the single most important piece of your basic system security, but how much effort is put into them?
- Are they easy to guess?
- Hard to remember?
- How often are they changed, and are they different for each application?
All of these are important ways of reassessing your password selection.
Think of your passwords like the goalie at a hockey game. A great one keeps all of the pucks out, and a poor one allows anyone who tries hard enough access to your systems. The first thing you should do is make sure every person has their own passwords. That’s pretty basic, but if passwords are shared, it can be pretty hard to track down who is doing what in the system.
Make sure all passwords have at least eight characters, that they are alphanumeric, case sensitive, and also easy to remember. Easy to remember is really the clincher here. You don’t want to have to write them down because then the note can be found, but if it’s too easy, anyone could guess it. One idea is to take a random word and manipulate it. Elephant is easy to remember, and if you change it to E13phan7, you have a password that’s both hard to crack and easy to remember.
Of course, to keep the puck out of the goal, you have to give your goalie a break from time to time. In the same way, you should also change your passwords often and use a new one for each account and application. That way if one is compromised, it will change soon, regardless, and no one will be able to access other systems beyond the one they have the password for.
It may seem like a lot of effort, but keeping passwords safe keeps the goalie in the game and keeps your opponent from scoring.