You lock the door and turn on your alarm system when you leave your house. You do that to deter someone from just walking in. Doing those two things are considered the “basics” to keep your home safe. But, what are the must do’s for business? Here are five “basics” to keep your business safe.
- Use Multi-Factor Authentication: This requires your users to have a second step when logging in to any of your systems. The main benefit of MFA is it verifies your users are who they say they are. MFA can be accomplished by asking for a one-time password or PIN, sending a code to your phone or requiring face recognition, thumbprint etc. The key here is to add a second layer of security. (Remember, at home you lock your door AND set your alarm!).
- Require Security Awareness Training: Monthly training and simulating email phishing for teaching purposes is critical. If you are not training, how are people learning? Clicking on harmful links in emails is the number one way a security breach occurs.
- Deploy Password Managers: Do not save your passwords in your web browser. Use a password manager (LastPass, Keeper, Zoho, etc.). Password managers allow you to use different passwords for every login. Once attackers compromise a password, they will attempt that password on other sites. Weak and Stolen passwords are an “easy in” for hackers and scammers.
- Use Geo Filtering: If you don’t do business outside the USA, don’t allow traffic from outside the USA. You will be more secure if you block emails and logins from areas in which you don’t do business.
- Limit Local Administrators: If your end user is not your IT manager, do not allow them admin rights to their PC. If a hacker does get in, they now can more easily traverse your network. If you have exceptions to this rule, discuss it with your IT manager.
These are a few basics, but if you want more ideas on how to stay safe and best practices, reach out to your ATCOM team, and we will be glad to help you.
Written by Mike King