Portable devices are designed to be easily transported and a lot of sensitive business information may be carried around outside the office, for example, sales or customer data.
Make sure you manage the physical assets themselves, as well as the security of the information they contain.
Protect your computers from threats online
- Update software – including operating systems, web browsers, browser plugins and other applications. Hackers use vulnerabilities in software to access computers, smartphones or tablets. Using automatic updates and installing updates as soon as they become available is one of the best ways to protect your business.
- Use unique and strong passwords or passphrases. Passwords are an important line of defence but they won’t protect your business if they are easy to guess. It is also important to use different passwords across your business – otherwise you are giving criminals one key that opens everything.
- Install security software and use spam filtering. Security software, such as anti-virus and firewalls are used to protect your business from malicious software, while spam filters protect you and your staff from illegitimate and malicious messages. These solutions are not only a good first line of defence, they can also alert you when things go wrong by monitoring your computer and detecting unusual behaviour.
- Use encryption on computers and mobile devices such as laptops, tablets and mobile phones. By using encryption on your computers and mobile devices, your valuable business information will stay safe – even if your device is lost or stolen.
- Use a secure internet connection and secure your Wi-Fi. Your internet connection provides a channel into your computer that could be exploited for malicious purposes if it’s not protected.
- Don’t use the administrator account for daily tasks. The administrator account allows administrators to do important things like install software or give access to other users. But this level of access can be misused if it falls into the wrong hands. Ideally, this type of account and related access should be limited to your organisation’s system administrator. Ensure that standard user accounts are created for everyone else and used for everyday activities. Only log in to the administrator account when required.
- Disable untrusted Microsoft Office macros. Macros are small programs that automate common tasks in Microsoft Office documents.