Almost all businesses now have to rely on computers for at least part of their work. Keeping devices secure and keeping data safe while allowing the organisation to do its work can be a bit of a balancing act.
We’ve canvassed the TechResort office, and the organisations we support for tips. Please post yours in the comments.
Good tips
- Ensure that all computing devices are protected by logins. So that means user accounts and passwords on computers, and PIN, pattern, finger print or facial recognition for mobile devices. Make sure volunteers/ employees also adhere to this if they’re using their own devices
- Have non-admin accounts on laptops for ordinary use. This prevents accidental installation and deletion of applications
- Install good quality anti-virus software, ideally, paid for accounts. Make sure it’s always enabled
- Try and avoid website, file sharing and other services credentials between different people. If possible set up several user accounts. This will allow you to withdraw access later if an employee leaves
- If staff/ volunteers need to take devices out in the field regularly, consider enabling “find my device” services just in case they get mislaid
- Be especially careful with sensitive data on laptops and mobile devices. Encrypt if you can, keep minimum data on the device, use secure cloud based services if appropriate
- If you share files or other resources using GoogleDrive, MS One Drive or other similar services, check regularly to make sure permissions are still appropriate. Make sure you know who you’re sharing with
- Make sure your computers and devices are insured – make sure the insurer is aware if they regularly leave your normal place of business
- Keep details of makes, models and serial numbers of all equipment just in case
- Ensure that operating system and applications are updated regularly – updates often patch identified security problems or fix common bugs
- Make sure all important data is backed up regularly. Cloud services, other computers, file servers or external hard drives are all possible methods. If data is really that important have more than one copy and keep at least one off the premises
- USB sticks are fantastically nimble ways to share data – but they’re also insecure so use with care. Consider attaching a sturdy label to them and writing what they’re used for
- For shared data resources (file servers, etc) have a meaningful structure for folders so it’s easy to save in the right place. Use consistent conventions for saving files that will make it easier to retrieve them later. Consider things like ‘Payslips202011.pdf’ rather than ‘Nov20Payslips.pdf’ as the function is clear and the files will sort naturally into chronological order so you can find them again
- If you have visitors to your building and you want to allow them to use your wifi then it’s best if you have two separate accounts set up: one as a guest and one as staff so that your visitors don’t have access to your internal machines
- As the organisation gets larger or more complicated, consider consulting a professional network/ IT consultant to help you set up more robust measures