Security Best Practices Check-List

Do You Have the Right Technology to Maintain Privacy & Minimize Data Breaches?

  • Do you collect and maintain sensitive information (e.g. name, address, DOB, SSN, credit card or bank account information, private health information)?
  • Do you want to minimize your risk of data breaches?
  • Not sure where to start?

With technology’s rapidly changing landscape and so many avenues from which to choose, finding the right IT solutions to maintain privacy and minimize data breaches can be a daunting task. To help you get started, we created a security best practices check-list that provides you with basic IT strategies, as well as some less common strategies, to secure your sensitive data.

1. A dedicated firewall appliance that has the following capabilities:

a. Deep packet inspection to provide another layer of security within your firewall.

b. Anti-virus protection that is separate from workstation anti-virus.

c. Web blocker to prevent your organization’s computers from going to unauthorized websites.

d. Intrusion detection/prevention to terminate connections that carry suspicious-looking internet traffic.

2. Anti-virus and anti-malware on each workstation and server.

3. Regular and timely patch installation for Microsoft Windows and applications, including but not limited to:

a. Microsoft Word, Excel, Outlook

b. Adobe Reader

c. Adobe Flash

d. Java

4. Folder security for sensitive data such as your Payroll, HR, and donor information to protect against misuse or accidental exposure.

Have you already implemented these strategies? Check (hopefully).

Consider the following less common strategies:

1. Implement stronger passwords and change them frequently.

2. Hard drive encryption on the workstations, servers, and mobile devices to protect your sensitive data if the device is lost or stolen.

a. What happens when your computer, workstation or server is retired? How do you protect the sensitive work data stored on these devices?

b. What about mobile devices such as cell phones and tablets? If your organization’s emails are accessed through your mobile devices, they each store a significant amount of sensitive data.

3. Disable USB ports to keep sensitive data from leaving the organization without authorization. Limit connectivity to approved devices only.

a. If you do allow the use of USB drives, make sure they are encrypted.

Do you collect and store sensitive information? Security breaches are happening every day, and your reputation is the first thing to be impacted when a breach occurs. There are numerous strategies and techniques to consider when protecting your data. Please contact the James Moore Technology Solutions’ Team for a complimentary security assessment.