Regardless of industry or services offered, organizational cybersecurity must be a top priority for every company in 2019.
Today, bad actors have a lot of different ways they can breach a company and expose their employee & client data, as well as their systems. Below are a few things companies should be doing to make sure they put themselves in the best position to protect their data and systems.
- Have a Formal Cybersecurity Policy – This seems obvious but there are still many companies that do not have a formal policy in place. Additionally, it is equally important to make sure it is clearly communicated across the organization and accessible for all to reference.
- Secure Company Issued Computers – Whether it is malicious or not, many breaches are the result of a seemingly innocent action by a well-meaning employee. We are always being prompted to download a new program, open a large zip file, or import files via a thumb drive. Lock down company issued computers so only admins have access to install new programs, disable thumb drive access, and do not allow third parties remote access to desktops.
- Utilize Two Factor Authentication – Every where you go virtually you run into two factor authentication. In addition to user ID and password, users now are being asked to enter a pin that is sent to a cell or secondary email address. That is just one example of two factor authentication, to ensure users are who they say they are.
- Make Workstation Security a Priority – Educating your workforce on the importance of maintaining a secure workstation is critical. That includes not printing documents with personal information when it can be avoided and having a shred bin for when such documents must be printed. Make sure all employees lock their computers when they are away from their workstations, even if just to run to the printer. Also, ensure access cards, badges, and/or fobs are secured and not laying around to be lost or stolen.
- Communicate, Communicate, Communicate – This seems simple but is often overlooked. Share the policy and updates to the policy regularly. Do not assume that employees will take the time to seek out the policy. Make reviewing & accepting the policy an annual reminder event for all current employees and an onboarding item for all new employees.
These are just a few ways you can help your company maintain a secure environment and provide a level of security to your employees and clients. It is the responsibility of everyone across the entire organization to do their part to keep the company safe from bad actors.