When thinking about securing your business from cyber threats, the mind quickly turns to phishing, hacks and viruses, but there are many security threats in and around the office that can expose your business to a host of threats and cybersecurity issues. In conjunction with a solid cybersecurity solution provided by your MSP, be sure you and your employees follow these office tips to protect your physical workspace from system comprises, unauthorized breaches and data loss.
1. Unlocked devices
Mobile phones, laptops, desktops, tablets and even printers/multi-function devices should all be locked and password protected when unattended, as any of these (and any other) network-connected devices can be comprised, allowing for unauthorized access into your system or unauthorized removal of data from it. Even though most devices lock/power down after idling for some period of time, create an officed culture where locking devices becomes second nature for all employees.
2. USB Drives
USB drives pose a host of security issues. Unknown drives should never, ever be used, as they could easily contain hidden malware or spy software that could exfiltrate data or install ransomware on your network. However, those drives that you do use for normal business functions must be kept under lock and key, so they are not compromised with malware, misplaced or stolen. USB drives make it far too easy for curious eyes or unauthorized user to get a peek into sensitive or confidential business information, and are unfortunately left behind in public places (airports, coffee shops, etc.). Make sure any and all USB drives used in your business are cataloged and their whereabouts known at all times—or perhaps look to cloud solutions for sharing/transporting data.
3. Paper Documents
What may be innocuous to your employees could be valuable to others who’d want to infiltrate your systems. At the end of the day, be sure that papers, reports, financial records and any other proprietary data is off desk surfaces, locked away, or shredded (i.e., not in the trash). After they are no longer needed, shred any documents with financial records, proprietary data or confidential information. And of course, to minimize this issue, go digital wherever possible.
It’s a common occurrence, even in the face of many strict cybersecurity policies, but many employees use notes or cheat sheets for the various usernames, logins and passwords they require for day-to-day work. Nothing could defeat the purpose of a password more easily than this practice, and leaves the door wide open to anyone who accesses your office to gain entry into your network and systems. Discuss a software-based password management system with your MSP and seek out an option that will work best for your business in order to prevent this risky behavior.
5. Wallets and Keys
Just like easily-accessed passwords are a threat, wallets and keys that are left on desks during meetings, bathroom breaks, lunches, etc., can all leave your business exposed to unauthorized entry. Pay special attention to this if there are areas of your business under lock and key, or if ID/keycards are used, as these are typically kept in wallets. Misplaced keys and access IDs can quickly lead to tampered or duplicated methods of access, so if need be, offer lockers or secure places where employees can store their personal belongings while they work.
These are just a few security best practices to enact in your workplace, alongside an effective cybersecurity solution. If you’re thinking about protecting your business from cyber threats, let’s discuss a few options that could work best for you.