These 4 Things Make Your Network Security 4X Stronger
Be the champion and wrangle a promotion out of it.
Companies are in the business of making money through selling products and services.
But the way companies operate today primarily revolves around having a strong online presence and having networks and servers to run day-to-day operations.
Even some of the biggest companies with massive IT departments can run into trouble. But more and more, especially with IT cutbacks, companies are putting themselves at risk.
So maybe you fall into one of the following categories:
- You run a small company that is fully reliant on technology, but you do not know if your IT department is on top of security
- You work for an IT department that does not have a clear policy for security issues
- You have had some security issues in the past and need to start taking steps into improve the integrity of the company technology...but no one has stepped forward
This article is for you.
Here are four clear steps you can establish immediately that can start to close the gaps in your network infrastructure. These are tried and true steps that all companies should do, but find it hard to get around to.
So if you put these in place, you will be ahead of the game.
1. Change passwords immediately for employees that are let go.
The minute that an employee becomes a former employee, you need to treat him or her that way. It isn't personal; it's the smart way to do business. Change the (now) former employee's password instantly...or even change it before he is let go. Don't give an unhappy or upset employee the chance to download or sneak away proprietary information.
Take it a step further. Don't look at this as a one-time process for one employee. Institute some policies for managing or granting access as an on-going process. It will help you keep company confidentiality top of mind.
2. Get smart on smart device security.
Tablets (and smartphones too) are becoming part of the mobile network workplace. But how much access do you want to grant employees when it comes to accessing files on their tablets. Tablets are more easily lost or stolen than laptops, so sensitive company files are at risk.
Think about beefing up company login in credential with two-factor authorization. Install security devices on all smart devices to ensure they can be recovered/found quickly in case of theft. Finally, ensure that all data coming from your servers in encrypted, as well as all emails.
It might be smart to purchase, assign and monitor all tablets, rather than have an employee use his own. This gives you more control over shutting down access to company networks when the employee's tenure is over.
3. No more simple passwords that are easy to crack.
It's easy for an outsider to figure out the format for usernames in your company (for example, "[email protected]"). However, if your staff uses passwords that are easy to guess, then an outsider can easily gain access to your network. If someone remotely hacks into employee emails, they can easily start to communicate with others online (impersonating the employee) and trick others into providing company stats and information. The same goes for user credentials for logging into the company network.
Make changes now. Do everything you can to force employees to change passwords routinely and to create hard-to-crack ones. Again, think about instituting two-factor authorization for logging into the company network.
4. Train everyone to look out for, and deter, social engineering.
Hacking your network isn't the only way an outsider can do damage to your company. Someone making a phone call or sending an email to a new employee, for instance, can obtain valuable information—even if that's only the name and phone number of the CEO. This is referred to as social engineering.
Company information doesn't simply include the sale and profit figures for the last quarter. It also includes executive phone numbers, home addresses, titles, email addresses and more.
Even with few details to work with, thieves (often using email) have tricked employees to authorize payments to phony companies or to obtain the boss's corporate credit card number to "finalize" a fictitious purchase.
It happens all the time.
Companies, large and small, need to train employees on what information they should never voluntary provide to any "stranger" or supposed friend, or news reporter.
Company safety in today's world needs to include protecting the company's assets, and that includes information that only employees should know or have access too.
Put these new policies into places ASAP, then keep looking for ways to boost your internal security.
With ransomware attacks and global hacks becoming more commonplace, the time to make changes is now.