10 IT Tips to Keep Your Business Secure

1) MFA/2FA

Acronyms aside (multi-factor or two-factor authentication) this is the most basic security setting that should be enabled across the entire workforce. Without it all, a hacker needs is a guess of your password or successfully “phish” your email.

2) Password Enforcement

Everybody hates having to use a strong password. How many times are you asked to change your password? Can you remember them all? Use a passphrase; instead, these are usually easier to remember are far more secure.

3) Phishing Emails

Having an awareness of phishing emails and what to spot is probably one of the best practices you can employ. This includes looking at the URL in a link, checking the sender email and spotting any glaring mistakes in the copy of the email. These are always red flags which should be checked if you are being asked to click something in an email.

4) Anti Virus

Proper antivirus protection seems like such a non-topic. It’s taken for granted, but it shouldn’t be. New computer viruses appear regularly, so it’s essential to have antivirus software that is continuously up-to-date.

5) Patching

Patching is the insider term for keeping Windows updates up-to-date. Microsoft Windows has an inbuilt update feature that will annoy you to update your machine when a critical update is necessary. Don’t ignore these prompts – you may be increasing your security risk if you keep delaying updates.

6) Backups

The chance that your business will get hacked is high. It’s an unfortunate fact that no matter how secure your IT, systems and policies are cyber crooks will find a way in.

To prepare for this reality, make sure you have a working backup solution that is checked regularly to make sure you can actually recover in the event that your files are held to ransom.

7) Accounts

When you have old members of staff that leave the organisation, it’s always one of the last things to think about – their email and account.

Keep your IT provider informed about employee’s leaving the company so that their accounts can be blocked and archived in line with standard operating policy.

8) WiFi

An open WiFi network with no password is a significant security flaw. It might seem like a great idea to have a public system so visitors can quickly join. Best practice to have a secure corporate WiFi network and a segregated guest network with password enforcement on both.

9) Encryption

Device encryption is something that you should have enabled on all desktop, laptop and mobile devices as standard.

If a piece of hardware gets into the wrong hands, it can easily be cracked and the data copied.

10) USB Keys

USB Keys are handy for sharing and transferring data; however, they’re also one of the most significant security risks. If you lose a key that has essential data, there’s no telling who will get hold of it. There are much more secure ways to transfer files that do not require the use of a physical device.