INTERNATIONAL FOUNDATION FOR
CULTURAL PROPERTY PROTECTION

Log in

Back From Vacations, a Good Time to Beef Up Cybersecurity

September 25, 2018 12:25 PM | Office IFCPP (Administrator)

Reposted from AP News

As people return to work after summer vacations, it’s a good time to make sure everyone in the organization is sensitive to the need for computer security. Here are some basics that bosses should emphasize to their staffers:

PASSWORDS

Start with creating a strong password. It’s probably a good idea for the company to have minimum requirements for passwords used to access its systems. Those requirements should include a mix of upper- and lowercase letters, numbers and symbols. Many businesses are using two-factor authentication, which requires people to enter a code in addition to the login/password combination. They may also require staffers to periodically change their passwords.

The IRS has guidelines for creating passwords on its website, www.irs.gov ; search for “Tax Tip 2018-129.” While the information is intended for tax professionals, it is useful for anyone.

PHISHING ALERTS

Bosses should remind everyone to be vigilant about phishing scams, which can plant malicious software on a computer or phone. Everyone should understand that they shouldn’t click on any link or attachment in an email unless they’re sure it’s legitimate. It should be standard operating procedure to check a sender’s email address to be sure it’s correct and not suspicious, and the body of an email should be checked for any oddities that can be hallmarks of phishing scams.

As new staffers are trained, they should learn about the kinds of emails they can expect to receive. The more familiar they are with a company’s customers, vendors and other contacts, the better they’ll be at spotting suspicious emails.

LOCKING PHONES AND LAPTOPS

Staffers who can access the company’s systems including its email via smartphones and laptops — whether they’re personal or company-provided — should be required to lock their devices with codes or passwords.

DOWNLOADING UPDATES

If the company has an information technology staffer or department, it should be aware of security and other updates issued by Microsoft and other companies. Each company device should be updated. If there isn’t a dedicated IT staffer, the owner or another manager needs to be sure that all updates are downloaded.

THE OWNER’S RESPONSIBILITY

A survey issued earlier this year by insurer Hiscox found that only half of small businesses said they had a clear cybersecurity strategy. Making systems as secure as possible often gets put on the back burner while an owner works with customers and staffers.

Companies without IT staffers should consider bringing in a consultant who can assess what’s needed to increase security. Among the items companies need are anti-virus and anti-malware software, firewalls, encryption software and offsite storage that continually creates new versions of all of a company’s data. Those versions will be critical if a company’s computers are victims of ransomware attacks that render files and documents unusable.

See Original Post

   

1305 Krameria, Unit H-129, Denver, CO  80220  Local: 303.322.9667
Copyright © 2015 - 2018 International Foundation for Cultural Property Protection.  All Rights Reserved