Computing good practice for small organisations
Almost all businesses now have to rely on computers for at least part of their work. Keeping devices secure and keeping data safe while allowing the organisation to do its work can be a bit of a balancing act.
We’ve canvassed the TechResort office, and the organisations we support for tips. Please post yours in the comments.
Tips for making sure your computers are safe and secure
Logins and accounts
Make sure that all computing devices are protected by logins. So that means user accounts and passwords on computers, and PIN, pattern, finger print or facial recognition for mobile devices. Make sure volunteers and employees also stick to this if they’re using their own devices.
Have non-admin accounts on laptops for ordinary use. This prevents accidental installation and deletion of applications
Anti-virus software
Install good quality anti-virus software, ideally, paid for accounts. Make sure it’s always enabled.
Sharing
Try and avoid website, file sharing and other services credentials between different people. If possible set up several user accounts. This will allow you to withdraw access later if an employee leaves.
If you share files or other resources using GoogleDrive, MS One Drive or other similar services, check regularly to make sure permissions are still appropriate. Make sure you know who you’re sharing with.
USB sticks are fantastically nimble ways to share data, but they’re also insecure so use with care. Consider attaching a sturdy label to them and writing what they’re used for.
For shared data resources (file servers, etc) have a meaningful structure for folders so it’s easy to save in the right place. Use consistent conventions for saving files that will make it easier to retrieve them later. Consider things like ‘Payslips202011.pdf’ rather than ‘Nov20Payslips.pdf’ as the function is clear and the files will sort naturally into chronological order so you can find them again.
Find my device
If staff and volunteers need to take devices out in the field regularly, consider enabling “find my device” services. Just in case they get mislaid.
Sensitive data and information
Be especially careful with sensitive data on laptops and mobile devices. Encrypt if you can, keep minimum data on the device, use secure cloud based services if appropriate.
Insurance
Make sure your computers and devices are insured. Make sure the insurer is aware if they regularly leave your normal place of business. Keep details of makes, models and serial numbers of all equipment just in case.
Regular updates
Ensure that operating system and applications are updated regularly. Updates often patch identified security problems or fix common bugs.
Backups
Make sure all important data is backed up regularly. Cloud services, other computers, file servers or external hard drives are all possible methods. If data is really that important have more than one copy and keep at least one-off the premises.
Wifi
If you have visitors to your building and you want to allow them to use your wifi then it’s best if you have two separate accounts set up. One as a guest and one as staff so that your visitors don’t have access to your internal machines.
Professional consultation
As the organisation gets larger or more complicated, consider consulting a professional network/ IT consultant to help you set up more robust measures.