Tip of the Week: 5 Best Security Practices Hackers Hate
Protect Important Security Credentials
Hackers often target the credentials of major figures within your organization, such as those of corporate executives or IT administrators. These usernames and credentials can then be used to target sensitive information, and must be protected at all costs. It?s important to use encryption to protect these credentials, and to make them as long and complex as possible. If these credentials are stored somewhere, make sure that they?re located in an encrypted password manager, not a shared plain text file.
Restrict Admin Access
You should be able to restrict certain parts of your network on a per-user basis. This means keeping average employees from spying on information that they don?t need to be privy to. This could include financial or personally identifiable information. The basic idea is to restrict this type of information to only the departments that need access to it, like accounting or human resources. The fewer people who can access it, the less chance there is that it will be compromised. Therefore, your team should only have access to information that they require to do their jobs, and nothing more.
Improve Password Security with Best Practices
If you?re using a password manager, you can take advantage of password best practices without forgetting your passwords. These best practices are required if you want to optimize the security of your accounts. You want to use different complex passwords for every single account. These complex passwords should include both upper and lower-case letters, numbers, and symbols. The goal is to make them as difficult to guess as possible. Don?t worry–your password manager will do all of the remembering for you, which is why it?s such a valuable investment in the first place.
Eliminate Shadow IT
One of the ways that hackers will infiltrate your systems is by using forgotten-about software solutions that may lurk on your organization?s workstations. This happens when an employee unknowingly downloads a solution that hasn?t been cleared by IT. This often happens if they want a program, like Microsoft Word, but it hasn?t been officially issued to them.
Shadow IT is well-known as an opportunity for hackers to attack systems, as fake software licenses or malicious programs might be included with any ?freeware? your team finds. You need to emphasize to your team that there?s a process that must be adhered to for new software solutions, and that they need to go through the proper channels (like through IT) before implementing an unapproved solution.
Train Your Staff on IT Best Practices
If you understand the basics of IT security, it can only get you so far without your entire staff being versed in it as well. You want to make IT security a part of company culture. This can be accomplished through extensive training and consistent reminders of how best to avoid threats. Teach them what to do if they suspect that they?ve been hacked, and help them avoid dangerous threats, including malicious links, spam phishing attacks, and unsolicited email attachments.
To learn more about how best to secure your infrastructure, reach out to White Mountain IT Services at (603) 889-0800.