“Only the paranoid survive,” said Andy Grove, Intel’s former Chairman. This is especially true in this internet age when data is the most valuable currency around and when internet security is still an underrated topic. No matter how big or small a business is, internet security should be a top priority.
If you’re looking to score points with your boss, or if you simply want a more secure online environment for your workplace, here are 5 internet security tips you can bring up with your boss.
1. Train Employees to Practice Secure Internet Conduct
Viruses and malware don’t just appear out of thin air. For these to get into your system and wreak havoc, they’ll need to be given access (albeit unwittingly) by your fellow employees. Explain to your boss that training employees is one of the most effective ways to keep business data secure.
For big companies, hiring an internet security expert to create and conduct training modules specialized to all your departments is the easiest fix. For smaller business, there are many free training resources online. Some of these resources are listed in this MS-ISAC website. To get your company started though, here are few basic internet security practices:
- Keep a clean machine. Establish strict protocols involving installing external software on work computers that could potentially jeopardize your system.
- Create better passwords. Our lives are so interlinked with the internet that many of us have so many passwords to keep track of. This leads to laziness when creating passwords. But any kind of laziness in the workplace should not be tolerated. Check out this Microsoft guideline to creating passwords that will stump a hacker, but will still be easy for users to remember.
- If it looks suspicious, junk it. No matter where or from whom it comes from (email, social media, ads, etc.) if a link or attachment looks suspicious, all employees should trash it.
2. Regularly Update and Patch Websites and Servers
To make sure that your company’s website and servers are secure, suggest to your boss that you need to have a strict schedule for updating and patching them. If your company uses a content management system (e.g. WordPress) or an e-commerce platform (e.g. Shopify), know that hackers love attacking plug-ins in these systems.
Take all precautions to make sure that those in charge of the website are updating and patching on a regular basis. Explain that doing this ensures that any vulnerabilities in your system are fixed as soon as (or even before) they appear.
3. Back Up All Files
In the event that your system does get compromised, your only saving grace will be a very robust backup system for your critical data and your website. Encourage your boss to invest in a back-up system either offsite or in the cloud. Suggest that the company also employ a regular back-up protocol and schedule either daily or weekly. Your webmaster should also be advised to have a similar back-up schedule for your company’s website.
4. Enforce Mobile Device Security Protocols
If your company allows employees to access the office’s internet or confidential information through their mobile devices, that can be a potential internet security vulnerability as well. Suggest to your boss that it would be worth it to create mobile device security protocols for your company. Aside from the tips already shared above, all employees should be required to password protect their devices and install security apps on their devices. Also, create reporting procedures for all employees should any of their devices be lost or stolen.
5. Get a Virtual Private Network
Even with all of these internet security measures in place, sometimes someone will slip up and everything can go awry. For the ultimate internet security measure, encourage your boss to invest in a Virtual Private Network (VPN) for your company.
A VPN is a group of computers networked together using public wires – usually the internet. Your business can use a VPN to securely connect remote datacenters and allow employees to access the network when they’re not in the office. The beauty of using a VPN for the office is that is creates a secure tunnel that encrypts all of the data being received and sent by your company. You can see a comprehensive list of VPNs and their features at http://securethoughts.com/best-vpn/
Bonus Tip: Change the Default WordPress Username
Leaving the default username “admin” for WordPress websites is a sure way to get your company’s site hacked. If your company leaves the username as is, all hackers have to do is find out what your password is. Learn how to change the default WordPress username with this tutorial.
If your boss takes you up on these suggestions while employing all the usual internet security practices (e.g. installing anti-virus software, etc.), these changes have the potential to save your company a lot of money in the long run. Who knows? Your assertiveness and forward thinking might even score you a raise or a promotion. At the very least, you’ll be on your boss’ good side.