Ten Security Steps To Follow Personally And At Work

Here is your Erickson Solutions TOP TEN list of ways to improve your technology security both in your personal life and in your business. Need details on any of these or help implementing them? Contact us!

1. Be suspicious of all links and attachments in e-mail.. social engineering and phishing attacks are everywhere.  Don’t fall for the fake efax e-mails, UPS delivery failures, or “your account is past due” notices.  Get details here and here.
2. Use passwords/lock-screens on your phone, laptop, and tablet.  Having a device with no password is like leaving your car unlocked and wallet on the seat.. something bad will eventually happen.
3. Have backups of your server, laptop/desktop, and phone/tablet.  We of course can help on the first two, and for your phone/tablet there are a bunch of good apps including some free from the different carriers.  We recommend the backups for your server be both on-site (like a local USB drive) AND in the cloud (nightly encrypted Internet backups) to protect against natural disasters and crypto-locker infections.
4. Use professional anti-virus.  This is nothing new but every week we come across a new client (or even some existing clients) who don’t want to spend the money and then get burned by infected systems or far worse outcomes.  We recommend Symantec.cloud.  The built-in Windows or Mac protection is not enough.  Also free products can put you at risk to marketing/web-history scams, not to mention violating licensing agreements if you use personal ‘free’ products on business systems.
5. Secure your wireless router.  Both at home and at work have your router set to use the highest level of wifi security it supports, change all the default passwords, and update the firmware.  Get help from us if needed.  Lots of drive-by attacks happen on home users and businesses right through the wireless.
6. Use secure e-mail for private information.  Hotmail and Gmail won’t protect your data.  If you are sending sensitive documents to clients or vendors.. or even to family.. think about having an e-mail system such as Hosted Exchange from ESG where e-mail encryption is available.
7. Don’t use public wifi for anything related to business or banking.  Public wifi should only be trusted for the most basic of web surfing.  Even email over public wifi can put you at risk from an attacker getting your login details and taking over your email account.  If you need to use public wifi often or have remote workers like salespeople that travel, talk to us about having a secure cloud VPN option for your business to encrypt all traffic.
8. Use a password manager to allow you to have longer, tougher passwords.  Check out some options here.
9. Turn on two-factor authentication for anything that supports it.  This is especially true for your banking, credit cards, payroll, and HR software.. both at home and in your business.
10. Take all the updates when prompted from your OS, app, or device.  It is no longer optional to update your servers, laptops/desktops, and phones/tablets.  If the device ever hits the Internet, you need it updated.. and updated pretty quickly.  We all hate when Windows Update breaks something or changes some setting, but those updates happen for a reason.. to patch holes or add new security.  The same is true on your Mac, iDevice, phone, or home computer.  The pain caused by the occasional botched patch is worth it to protect against using systems that have known holes/exploits.  We can help your business create a patching/update plan that blends early-patching with not-being-the-first-to-find-a-botched-patch.  For your home systems and phone/tablet, update them frequently (weekly) and install app updates when available/prompted.

Sources:  ESG Team Experience, Symantec Blogs, Lifehacker Website