- Develop a security plan for mobile working.
This means encrypting laptop drives, and setting mobile devices to lock automatically when unused for a certain length of time. These small changes put up barriers that could deter the lazier hacker.
- Educate your employees.
Poor password choices and a willingness to give out details to anyone who “sounds official” are a leading cause of security breaches.
- Create an incident response plan for IT security.
There should always be someone monitoring security events on your computer network. In the case of a security breach, employees should know, and follow, a specific procedure to minimize the damage of computer or network intrusions. If you’re struggling to develop your incident response there are companies out there who offer data protection training for very reasonable prices.
- Review your risk management plan.
Add an IT security section if you don’t already have one. Again, there are companies that can help you develop your management plan.
- Be selective about handing over network privileges to employees.
You should also be proactive about revoking those privileges if an employee leaves the company.
- Limit the use of removable media within the company.
This applies to bringing data into the network, as well as copying data on to removable devices for use elsewhere. You can encrypt USB sticks and CD/DVD’s to offer greater protection when moving data around.
- Pro-actively monitor all IT systems and review network logs.
You need to ensure that someone in your office is keeping an eye on who’s accessing your network. Without this, knowing who is coming and going on your network is incredibly difficult and hackers could dip in and out without your knowledge.
- Apply security patches for all software as soon as they are released.
Patches are pieces of software that are designed to fix a problem, whether this is a vulnerability that could affect security, or bug fixing.
- Install anti-malware software.
Perform regular scans for viruses, Trojans and malicious applications that could be hoarding your sensitive data.
- Install firewalls and intrusion detection systems.
Close unnecessary network services and filter unauthorized traffic. Test your firewalls regularly.