Valuable security advice for all

Valuable security advice for all

February 28, 2019

Office security should be viewed as a shared responsibility. While Salvus has implemented systems and protocols to protect your environment, one errant click can cause serious damage to a network. Every user has the opportunity and obligation to help preserve their company’s network. Try to apply the advice below to your everyday workflow and help keep critical data and assets safe from outside threats.

 

Passwords

It seems obvious but password strength is a simple step in protecting valuable data. Here are some steps you can take to improve your password security:

  • Use more than eight characters

  • Mix it up with special characters, numbers and upper and lower case letters

  • Do not leave it written down near your computer

  • Do not reuse passwords for multiple sites. In case it gets into the wrong hands, this will limit the damage

  • Use a password manager, there are multiple free options out there

 

Keep an eye on your device

  • Lock your screen when you leave your machine. You don’t want the wrong person to be able to access your email, private data or the network resources to which you have access

  • Be mindful if you have to leave your computer, tablet or phone. Consider locking the door or putting the device out of site. This can prevent theft as well as an opportunity for someone to infect your machine

 

Security should be top of mind, always

  • The best defense against outside threats is as simple as thinking about security. Most attacks and breaches all start with the same mistake, human error

  • Be aware of what you are clicking. Be it a link or attachment in an email or when browsing the internet, it just takes one click to open the door to an attacker

 

Multi Factor Authentication

  • A solid password is a great start, but more security is always better. Adding 2FA or multi factor authentication creates an additional obstacle for attackers to overcome

  • Multi Factor Authentication requires a “token”, typically a numerical code that is sent to a phone or email address to validate that the right person is trying to log in

 

Understanding that everyone is at risk

  • It is easy to think along the lines of “I don’t have access to anything valuable, I am not a target.” This is simply not the case. Sometimes attackers are just looking for a foot in the door. And the person that thinks they are not at risk are the attackers favorite targets

 

Limit personal and sensitive information

  • As stated previously, human error is responsible for most security breaches. Attackers will look for any information they can find to manipulate their targets

  • Avoid sharing too much business related information, this can be used in phishing campaigns to get you to lower your guard

  • Be protective of this kind of information when you are unable to verify who you are communicating with

  • Be suspicious of anyone asking for specific detail about financial details or office personnel

  • If the attacker knows that Mr. Smith is your boss, they will make their phisihng emails look like they are coming from Mr. Smith, creating a false sense of security

 

Implementing this advice into your everyday workflow can significantly improve overall security. As long as your are thinking about security you are making life much more difficult for the attackers. So watch what you click and stay safe!