Making your business secure
Tips for improving information security and Resilience
Security must be a business enabler, not prevent it.
Security is everyone’s responsibility, so provide awareness sessions and teach the basics again and again. Educate your staff about what is expected of them, such as good password security, for example using strong passwords and never using the same password twice, and that they should be aware that when they put information online, they can never be sure that it will remain private.
Backup your data on a regular basis and store it away from the data source, but don’t forget to test that it has worked and that the systems can be restored from it.
Encrypt any personal or sensitive information that is held electronically that would cause damage or distress if it were lost or stolen.
Install software patches and updates as soon as possible.
Only allow your staff access to the information they need to do their job and don’t let them share passwords. When staff leave or move to a new role, update the access privileges.
Make sure that you have a firewall and at least one Anti-Virus/Malware product running and that they are up to date. Consider installing an anti-spyware tool. Spyware is the generic name given to programs that are designed to secretly monitor your activities on your computer.
Make sure that when they are no longer required, electronic devices are disposed of by correctly recycling or destroying them.
Remember that the security of your information is not just about the computers. You also need to have good physical security, be able to trust your people and have good policies and procedures in place.