Safe Computing at Work

We all work with computers in one form or another. Whether we're working as a Shipping Foreman for a warehouse scheduling deliveries, as a Customer Service Agent answering product questions via the phone or as a business owner keeping our employees and information safe and secure, computers drive the workforce these days. Safe computing at work protects both ourselves and our employer. It also helps protect our fellow staff members. Most of us have experienced the disruption a power outage can create. People fill the office corridors or shop floor, wandering around looking for something productive to do. This can also occur when a computer at work gets compromised: it can compromise other computers, servers, the network and more leading to a loss of information and productivity.

Stop Cybercriminal Activity

Stop cybercriminals before they get started
  • Back up critical information – Establish a schedule to perform critical data backups to ensure that information is not lost in the event of a cyberattack or natural disaster. Store all backups in remote locations away from the office, and encrypt sensitive data about the organization and its customers. Invest in data loss protection software and use two-factor authentication where possible.
  • Keep work information on work computers - It's tempting to use our personal computer for work; however it's best to utilize a work computer for work related activities. We take advantage of the additional security our employer provides and Internet Service Providers (ISP) treat business accounts differently that home accounts when employing security measures.
  • Make sure your workstation, laptop and other devices are updated with the latest security patches. Ensure the software you use is updated as well
  • Ensure your workstation, laptop and other devices are employing proper End Point Protection (EPP) and that an updated firewall is in place
  • Do not use public WiFi that's typically available at coffee shops, retailers, hotels and other public spaces. These wireless connections are usually left open to make it easy for people to connect to; however, that means it's easy for criminals to connect as well.
  • Use a secure Virtual Private Network (VPN) to establish work connections. Your employer should make this mandatory. If you're a business owner make sure you do make it mandatory to connect to your business remotely. A VPN creates a secure connection between a remote system and your business network.
  • If you're a business owner it's recommended you consult with a digital security professional to make sure you're doing what's best for your company to protect your employees and your customers information.

Think security first

Protecting our business and customers is primary
  • If your business collects and stores Personally Identifiable Information (PII) remember it is up to you to keep it safe. Make sure you know what constitutes PII and the different laws surrounding it's protection. The Payment Card Industry Data Security Standard (PCI DSS) is just one standard you may be aware of regarding protecting payment card data. Others are the Health Insurance Portability and Accountability Act (HIPAA) and the Sarbanes-Oxley Act (SOX).
  • Many small businesses offload storing PII to a third-party vendor who is fully compliant with whatever standards are applicable. One example is handing off payment processing to another vendor, usually your bank or credit union.
  • Control physical access to your business computer, laptop and other devices. Don't allow anyone who isn't a member of your organization usage of any of these devices.
  • Use Multi-Factor Authentication (MFA) for all company accounts
  • Remember that email is NEVER secure unless it is encrypted. NEVER send PII via email unless it is encrypted.
  • Train your staff and yourself in cybersecurity best practices. Some good training topics include: developing good web browsing habits, creating strong passwords, avoiding suspicious emails and protecting client information.
  • Again, if you're a business owner it's recommended you consult with a digital security professional to make sure you're doing what's best for your company to protect your employees and your customers information

Connect with COnfidence

Do your part to be safe
  • Change all network device default administrative passwords, even copiers. Cybercriminals will typically use default passwords to begin attacks and have been known to extract PII from business copy machines.
  • Make strong password use mandatory at your company. If you don't own the company where you work, make sure you use a strong password. A strong password is at least 14 characters in length, contains both upper and lower case letters, has numbers and special characters. There are online password generators that can help you get a strong password. A phrase or combination of unrelated words is a good start.
  • Use a cybersecurity planning tool to assist you with creating a cybersecurity model based around your business needs. The Federal Trade Commission (FCC) offers just such a tool free of charge.
  • Scan your systems for known vulnerabilities. The Department of Homeland Security (DHS) provides this service to small businesses for free.
  • Frequently save and backup your work. This is especially helpful when telecommuting.
  • Ensure all business systems are fully backed up and stored offsite in a secure location. Ransomware now targets local backups to try to prevent businesses from recovering from an attack.
  • Ensure all business systems are kept up-to-date with the latest software and security patches. Criminals typically exploit older versions of software or operating systems as they are easier to use maliciously.
  • Consider investing in next-generation End Point Protection (EPP) for your workplace.