Given the highly publicized IT security breaches that have taken place in the past year, now is the perfect time to assess the safety and security of your company’s IT infrastructure.
Workplace technology is constantly evolving, which can lead to new opportunities for hackers to infiltrate your network, disrupt your business activity, and cost you money. So it is important to consider all the potential risks to your IT infrastructure and reassess them annually. This is especially crucial for contractors, since a high percentage of the staff works in the field.
Here are six areas to consider during your risk analysis:
- Password strength. Using a strong password is a critical first step in protecting your company’s data. A strong password should contain a minimum of eight characters, with a combination of lowercase and uppercase letters, numbers, and symbols. Require passwords to be changed every 90 days and prohibit using the same password more than once.
- Access rights. Employee access rights should be assigned commensurate with job duties and should be evaluated annually by management. Also, implement a procedure to remove access rights immediately if an employee is terminated.
- Firewalls and anti-virus software. The use of firewalls and quality anti-virus software are your first line of defense against malware. It is important to ensure your software contains up-to-date definitions and patches. Even the most sophisticated anti-virus software can be susceptible to newly-created viruses.
- Network backups and storage. Institute appropriate backup policies and store them in a secure a location. System backups should be performed and tested frequently to ensure they are working properly. This will aid in preventing the loss of data.
- Data penetration. Consider having a data penetration test performed on your IT infrastructure. This test simulates a hacker attempting to access your system and your company’s information, which will help you see how vulnerable your infrastructure is to malicious programs.
- Email safety. Remind your employees every few months about the risks associated with potentially harmful emails. They need to be cognizant of emails received by unknown senders and beware of visiting web addresses that do not appear to be legitimate.
By considering these recommendations, you can significantly reducing your company’s risk of a security breach.
Contact us for more information about this topic.
Information contained in this alert should not be construed as the rendering of specific accounting, tax, or other advice. Material may become outdated and anyone using this should research and update to ensure accuracy. In no event will the publisher be liable for any damages, direct, indirect or consequential, claimed to result from use of the material contained in this alert. Readers are encouraged to consult with their advisors before making any decisions.