YOU! And your employees. Like it or not, human beings are our own worst enemies online, inviting hackers, viruses, data breaches, data loss, etc., through the seemingly innocent actions taken every day online. In most cases, this is done without malicious intent – but if you as a manager or owner aren’t monitoring what websites your employees are visiting, what files they’re sending and receiving, and even what they’re posting in company e-mail, you could be opening yourself up to a world of hurt.
If you’re using any kind of cloud application (and these days, who isn’t?), you are right to be concerned about data privacy and security. The company hosting your data is ultimately responsible for keeping hackers out of THEIR network, but most cloud breaches are due to USER ERROR. So, it’s important that you, the user, are being smart about security. Here are a few things you can easily do to improve security in the cloud:
No matter how diligent you are about security, there’s always a chance you can get fooled into clicking a malicious link or opening an untrusted document. That’s why you need to put a plan in place NOW to protect yourself and your CLIENTS, so damage is minimized.
If you handle, process or store credit cards in any manner, you are required to comply with PCI DSS, or Payment Card Industry Data Security Standards. This is a set of LEGAL requirements you must abide by to maintain a secure environment. If you violate them, you will incur serious fines and fees.
Remembering dozens of complicated passwords is a GIANT pain, which is why people have bad password “habits” – reusing passwords or creating simple, easy-to-remember passwords (like “letmein123”).
When accessing a banking site online or any other application containing sensitive data, make sure you log out of the site and THEN close your browser. If you simply close your browser, some of the session information that a hacker can use to gain entry is still running in the background.
Using complicated passwords for everything IS annoying. However, the one account you want to make sure has a VERY complicated, long, hard-to-type password is your e-mail account.
Here’s a tip that just might save your bacon: set up withdrawal alerts on your bank accounts. Many banks will send you an e-mail alert whenever money is withdrawn from your account via check, debit card or transfer. Setting up those alerts will allow you to spot and report fraudulent activity BEFORE the money has already been siphoned into a cybercriminal’s hands.
The ONLY thing you should use your company’s workstation or PC for is…WORK! Never mix personal web surfing and social media with company devices. If you want to check your Hotmail account or Facebook page, do it during your lunch break and on YOUR personal device.