6 iron rules of safety for everyone who works with computers

2024 Author: Malcolm Clapton | [email protected]. Last modified: 2023-12-17 03:44

Maintaining digital hygiene is as important as keeping track of the books or washing your hands before lunch. Together with Microsoft, we have compiled an action plan to protect against cyber threats.

Find even more tips on how to protect yourself from digital threats.

1. Check the roles and permissions of accounts

The power of users over the system should not be unlimited. It is enough for employees to have access to work programs. And it is better to leave software installation and control over system files to IT specialists. So you will protect yourself from situations when an employee runs a malicious file on behalf of an administrator and allows him to do everything without restrictions: infecting with viruses, collecting information, spying or using a computer to mine cryptocurrencies.

But delimiting the rights in the system is not enough. Accounts need to be checked and updated from time to time. For example, make sure that new workers do not get extended access. Change settings when vulnerabilities are identified. And check the accounts of employees who no longer work for the company - they must be deactivated or deleted.

2. Keep your passwords secure

Some companies instruct employees to change passwords every 90 days. But sometimes it can reduce the level of security. First, a new access code is often written down in a notebook, phone notes, or a sticker with a password is left on the monitor. Secondly, users often change only the last digit or alternate two familiar passwords all the time. The access code must be changed if it has been compromised, for example, in a leaked database. In other cases, it is not necessary to change the password frequently.

Better improve your password security requirements: they should be long and complex, contain different types of data (letters, numbers, signs). Also, enable password history checking to avoid alternating duplicate combinations. It would be better to supplement the password with multi-factor authentication, such as fingerprint swiping or Face ID face scans.

3. Keep IT instructions up to date

Some of the IT challenges employees are able to solve themselves. To prevent users from contacting sysadmins on any trifles, companies develop wiki instructions with explanations: how to set up mail clients, connect to a VPN, use an office printer, and so on. Best of all, these guides work in the format of a video with a step-by-step process through the eyes of the user. Employees will do everything right, and sysadmins will not die from dumped work, if you follow the regular updates of these instructions. Especially when you have new business processes or devices in your company.

Also, keep the guidelines up to date with rules of conduct when problems and failures arise. Employees need to understand when not to try to fix everything on their own, and know where to run if the computer is seriously disrupted. Make sure that the names and contacts of the responsible sysadmins are always up-to-date in the IT cheat sheets. The easiest way to do this is electronically, so you don't have to give the team new printouts every time.

4. Check the licenses of the working software

Viruses, limiting useful functions, leaking your data are some of the possible consequences of using pirated programs from the Internet. You will save money on buying software, but you will risk your business every day. It is much more profitable to pay for a licensed program than to repair the entire IT system of an office or compensate for the damage to customers whose personal data has leaked to the Network because of you.

Make sure that your employees do not download unverified software from the Internet, but instead tell you what programs they lack to solve work problems. Do not forget to check the validity period of the license and, if necessary, renew it so that the work of the company does not stop at the most inopportune moment.

Reliable and familiar to all business software will help to avoid many problems. It is important that cyber defense mechanisms are integrated into the product from the very beginning. Then it will be convenient to work and you will not have to make compromises in matters of digital security.

The Microsoft 365 suite of software includes a range of intelligent cybersecurity tools. For example, protecting accounts and login procedures from compromise using a built-in risk assessment model, passwordless or multifactor authentication, for which you do not need to purchase additional licenses. The service also provides dynamic access control with risk assessment and taking into account a wide range of conditions. In addition, Microsoft 365 contains built-in automation and data analytics, and it also allows you to control devices and protect data from leakage.

5. Remind employees of the importance of cybersecurity

Digital threats are becoming more and more dangerous, so any company needs to conduct regular IT educational programs. Arrange cybersecurity lessons for the entire team or send periodic mailings. Explain to employees not to leave the computer unlocked when they are away for coffee, or to let colleagues work under their account. Explain the dangers of keeping important work files on your personal phone. Provide examples of social engineering and phishing cyberattacks against other companies.

Alexander Buravlev Technical director of the Aquarius company.

Your employees need to understand why you can't throw work files to each other on social networks or do something bypassing the company's IT systems. Customize Feedback: See how happy your team is with digital data tools. If it's hard for employees, try to optimize business processes.

6. Update your software in a timely manner

In most cases, you get free updates along with the licensed software. In new versions, developers fix bugs, make interfaces more convenient, and also eliminate security gaps and block paths for possible information leaks.

It takes time and a restart of the computer to update the software. Due to the influx of work, your employees may underestimate the importance of the update and click “Remind me later” in the pop-up window for months. Keep your finger on the pulse and avoid such situations: outdated software always makes your business processes more vulnerable. For reliability, enter the final date after which the restart and installation of updates will be forced.

Controlling digital security in the office is convenient with Microsoft 365. It allows you to automatically notify employees when it's time to change the password. The package includes not only the familiar programs Word, Excel, PowerPoint and Outlook mail, but also software for safe calls, a corporate messenger, a program for sharing files over a secure network. With Microsoft's ecosystem, your employees don't have to look for workarounds and download unreliable programs from the Internet.