How often do you think about security? Do you have practices in place to protect your business?

Today, many companies work with a growing number of online resources, doing most business over the internet. While this is a fantastic way to take advantage of powerful collaboration tools and resources, it does come with its risks.

Here are five essential practices your business should be following to keep your employees, data, and infrastructure safe in a connected workplace. Set yourself up for a productive work environment with minimal downtime.

1. Password Protection

The first step in secure business practices is a good understanding of Password protection. A password is your key in to your workspace, whether that be your computer or a website. A weak password is like keeping the door locked but having the key under the welcome mat.

In IT, we have the phrase “security through obscurity.” People that want in know where to look to get in. The most common passwords are brute-forced in a matter of seconds, and even passwords that are complex using common requirements such as a capital letter, number, and symbol are not secure enough to use for business needs.

Businesses should be following these best practices to keep their passwords and accounts safe. The most crucial step is to create complex passwords. A complex password should be hard to remember; in fact, you should not be able to remember it.

How then can we log in if we don’t know our passwords? The answer to that is a password manager. Using LastPass as an example, this is a central vault of all the passwords you need, and it is protected by a master password and multi-factor authentication (MFA). A good password manager will let you create complex passwords for websites and save them securely.

MFA works by adding an extra and complex level of security to software, websites, and apps your employees log in to. MFA follows a simple formula:

• Something you know
• Something you have
• Something you are

Something you know would be the password. As previously stated, this password should be complex and hard to remember. Ideally, it should be the password manager that remembers it for you.

Something you have could be a smartphone that generates a one-use passcode you enter when prompted. It could also be a smart card or security key. Anything physical that gives you access; it can look different depending on the environment.

Something you are an aspect that is unique to you, like a fingerprint or a face. Remember, most people have a smartphone in their pocket, and it is becoming more common for those to authenticate using biometrics like a fingerprint or facial recognition. A smartphone can potentially occupy the last two MFA requirements on one device.

2. Encryption

With many of your workers on the move or remote, encryption is the key to keeping your data safe. Many of the best encryption options are already available to you and easy to set up. Windows Pro, Enterprise, and Education editions allow full drive encryption using BitLocker. BitLocker can be set up on an individual device, but it is most powerful when combined with the features found in Microsoft 365, specifically Intune.

Using Intune, your IT department can assign security policies to your devices. One of which is BitLocker, which can be configured to automatically enable when someone logs into a new machine for the first time.

Why is encryption like BitLocker so critical for your business? Wouldn’t a password be enough to protect your machine? The simple answer is no. Say your employee loses their laptop at an airport while on an international business trip. If someone picks up the machine, they could pull the storage drives out and plug them into another machine, and access all the data on that drive.

BitLocker prevents that from happening. If the drive were accessed, it would prompt for a recovery key to view the contents or even access the drive. These recovery keys can be stored in Azure, a separate USB drive, or printed on a document. It should be a widespread practice to encrypt business machines remote or not.

3. Data Backups and recovery

One of the worst things that can happen to any business is data loss. It can cause significant downtime, decreased profit margins, and damaged customer relationships. Therefore, backups are quintessential to protect your business. Backups can assure that your business can recover quickly if a disaster or attack happens.

Backups need to follow a 3-2-1 procedure to be the most effective and dependable in the event you need to recover data. A backup solution should look like this:

• One primary backup with two copies of that backup
• Stored on two distinct types of media
• Keep at least one backup offsite

Your primary backup needs to have at least two copies for redundancy if the primary backup were to fail or become unrecoverable. Along with this, those backups should be on two different media types. This allows for a failsafe if something were to happen to the host machine or you need to recover without a network connection. These types of media could be:

• A hard drive
• Network-attached storage
• Tapes
• Cloud solutions

You want to diversify the media. Let’s say you choose the cloud as a backup solution. Then you should also have a physical backup of the data. This backup can be kept offsite and safe. Doing these steps will help protect you if you face data loss or an attack.

However, a backup is useless if you can’t recover that data. Your company should periodically check these backups to verify that they can be restored when needed. This could look like doing test restores to a machine or virtual machine to see if you can recover the data.

A good backup should be recoverable at a moment’s notice. There should be little downtime. Good documentation of your company’s backup and recovery process is the last step in ensuring a speedy disaster recovery.

4. Staying up to date

One of the biggest challenges in the world of computers and devices is staying up to date with updates and current technology. Updates are a straightforward way to protect your machines and business. It is often the first line of defense against a threat. Keeping software and Windows up to date is an easy and essential part of protecting a business.

Let’s discuss Windows updates. While restarting your machine for an update can be inconvenient, the time lost is worth the protection or fixes you might gain from running the update. Hackers look for software and operating systems vulnerabilities, and if your business is running out of date software, you are at risk. Microsoft is constantly monitoring these security holes and often releases updates and patches.

Alongside keeping Windows up to date, your antivirus should be updated as well. Windows Defender and other antivirus programs are constantly updating their definitions. If you have outdated antivirus programs, they can be useless in stopping a threat. You need to have these updates run automatically.

5. Managing your documents

A crucial piece in your strategy to protect your business needs to be document management. Your employees should be cautious of sending company documents and sensitive data through email. A good practice your business should follow is assuming email is unencrypted. There are better methods to share data. Examples include a company SharePoint site, OneDrive, and a restricted share on a server.

The employees who need these documents or data should be the only people who can access them. It is critical that you assign the correct permissions to shares and folders. In step two, we discussed encryption, don’t sneak around it.

Taking a sensitive file and sharing it unencrypted in an email defeats the entire purpose of encryption. Your company needs to have standards and procedures for handling documents and data.

Start protecting your business

These are the five essential steps you should follow to protect your business better. You don’t want to be left vulnerable. Practicing simple steps will help protect you and make recovery an effortless process.

Now that you know what you need to be doing, you might need help implementing those changes. Partnering with a Managed Service Provider (MSP) may be an excellent option.

Using Advisicon as your managed service provider equips your organization to work faster, better, and more collaboratively. You can read more about that here or go ahead and fill out this contact form to be directly connected with an IT team member to discuss your specific needs.

Whatever you decide to do, just remember, the more you do to protect your business, the less prone to attack it will be.