SECURITY MEASURES YOU SHOULD IMPLEMENT TODAY TO PROTECT AGAINST THESE THREATS:
(If you get lost in here, don’t panic. Forward this list to your IT service provider and ask for help)
Let’s start off with a few basic steps:
- Don’t write your passwords on a piece of paper or in your diary. If you must write them down, keep them somewhere safe, locked away, and preferably not at your office.
- Don’t share your password with anyone!
- Check whether your email addresses (and passwords) have been compromised on https://haveibeenpwned.com. If they have, make sure to update your passwords.
- Set your devices to automatically lock after three minutes.
- Make sure you have reliable backups in a different location.
For the rest, we suggest you pass these lists on to your IT service provider and get them to action it. Unless you’re an IT expert, of course!
Still with us? OK, let’s take it to the next level:
- Secure your data in the cloud. Use two-factor authentication, especially for remote access to your data.
- Use a cloud service that is in the EU, their data protection and privacy regulations are the best.
- Don’t use outdated software or software no longer supported by the manufacturer (like Windows XP, or can you imagine, Windows 98!). Turn on software updates and make sure they are installed regularly (not every six months!).
- Only allow new software installations using the admin account.
The final stretch:
- Install malware protection software on all devices exposed to the internet.
- Set up and configure a boundary firewall, internet gateway, or equivalent network device between your network of computers and the internet.
- Make a weekly backup of your email and your information on the cloud on a hard drive and
- encrypt the backup, or
- disconnect the backup from your computer and store it somewhere safe.
- Do not overwrite previous backups unless your backup disk is full.
- Test whether your backup works every three months.
- Make sure you store your email not only on your computer but also on a server (don’t use a POP3 email account).
Remember to keep adding to your Risk Master sheet!
We know, it is a mouthful. We’ll shut up now … until next week.