This week, it's time for information about digital security and what you can do about it. When I previously discussed security, I mentioned that the tone when people talk about digital security, privacy, and recently hacked companies is dire, but I want to focus on what you can do about it. Recently, Entrepreneur published two great articles on the topic, one broadly covering the topic and the other specifically addressing the issue of employee theft.
In the article which broadly covered digital security I'd like to focus on the latter two points: the illusion of security and the right approach. First, it's important to remember that ignoring security entirely is asking for trouble, but going overboard can be just as costly. Securing your systems is an on-going process and should be discussed regularly - whether that's an audit of who has access to what or just a discussion about what services are being used and where the credentials are. The task of adding digital security of company systems will never be finished, so make sure you're budgeting for those costs appropriately. That said, there are five very simple things that can be adopted by every company and cost nothing that are outlined in more detail in the aforementioned article:
- Pick good passwords and change them often. If you don't want worry about forgetting your password, get a password manager like LastPass or 1Password so you can generate them randomly and not have to worry about committing them to memory.
- Secure your wi-fi connection.
- Inform your employees, not just about policies, but about schemes engineered to gain access to systems. Social engineering is how many of the largest companies are being hacked.
- Segment your information and don't give employees access to things they don't need to have access to.
- Keep yourself up to date with news and information so you can intervene when an employee is doing something insecurely.
All five of these things are simple and free and can save your company a significant amount of money in the long-run. In an upcoming blog, I'll go into more detail on the second article, which looked at how to address employee theft.