- Know you weaknesses
The first step to good security on your computer is to know where your weaknesses are and hot to correct them or fix any of the damage they might have caused. There are many avenues that can cause weaknesses including unused services on your computer that can still connect to the internet or a business-critical application that’s constantly running. You will never know that those weaknesses exist if you don’t look for them. MCS offers a Security Assessment that includes in depth network review to reveal any possible weaknesses, and we also use external vulnerability scanning.
If you use a weak password, it is like having a lock on your door that can be opened with a screw driver. When you use the same weak password, it is like using that same lock for your car, office, garage, house, etc. Having a unique password that combines numbers, capitals, and symbols is a great practice, and you should have different passwords all around as well. There are free applications you can use that are encrypted to save your passwords, so you don’t have to continuously remember what the complex passwords are.
- Secure the workstations
Too frequently, businesses allow all of their employees to have full administrative access to their own workstations. This can be dangerous because it allows anyone with good or bad intentions to download anything onto that workstation. Except in extreme cases, all users should be standard on every machine, and every work station should have an up-to-date antivirus pack, preferable with centralized control to alert anyone if something happens.
- Limit administrator usage
Along with the above, each person who has access to any administrator accounts should have their own admin-privileged account to show who signed on and did what. Workstations should now be logged into with domain administrator accounts.
- Train and test employees on security.
Employees should be aware of the acceptable use of technology at your business as well as how to prevent any security breaches. Your security is only as good as its weakest link. Having onsite training, periodic phishing tests, a comprehensive set of IT security policies provide a strong security awareness framework for everyone in the business.