Computers and phones are indispensable tools for getting business done and also need to be managed with security in mind. The following best practices are provide for Small and Medium businesses to consider.
Encryption for Computers (Laptops and Desktops)
When your organization’s data is protected, the costs of losing a device are limited to the device, not the information on the device -- assuming the data is backed up (see below).
Make sure to encrypt laptops (especially) and manage recovery keys, so you don’t lock yourself out of your data. Check with your organization’s technical staff before proceeding on company equipment -- this is often managed by IT personnel in larger organizations. If managing yourself, here are some informative articles:
- Windows: https://www.howtogeek.com/192894/how-to-set-up-bitlocker-encryption-on-windows/
- Mac: https://support.apple.com/en-us/HT204837
Coalition’s policy includes coverage for BYOD (bring your own device) or employee-owned computers systems (e.g., laptops, mobile phones, etc.) used for business purposes, ensuring you have coverage, no matter how you kit out your team. We encourage the following:
Leverage email servers to apply mobile device policies to any device that connects to your organization’s email services. Policies to consider:
- Require a passcode to unlock the phone
- Apply that passcode immediately after no less than 10 minutes of inactivity
- Require mobile phones to leverage encryption when possible
On all mobile platforms, keep your operating system software up to date from authorized vendors (example: Apple, Google’s Android).
Make sure that updates are applied regularly, including:
- Operating System (Windows/OS X)
- Microsoft Office and other applications
- Web Browsers and Plugins (Chrome/Firefox handle automatically)
- Other supporting applications such as Adobe, Flash, and Java
- Review updates on a regular interval
Use these techniques on your laptops and desktops as normal practice:
Password policies that align with company policy that include:
- Password Strength
- Password Life
- Lockout Policy
- Disabling guest accounts
- Requiring “auto-locking” screensavers (set timeout of no more than 15 minutes)
Coalition does not have a preferred Anti-Virus vendor at this time.
- Require Anti-Virus be installed and active 100% of the time
- Make sure the Anti-Virus software pushes notifications to you, rather than forcing you to request updates from the software provider.
- Review periodically to verify Anti-Virus is installed and updated
As your organization grows, you may find that software can help you manage all your digital assets, both hardware and software.
- Absolute Software
- Meraki Systems Manager
While not an all-inclusive list, these recommended best-practices will help to reduce your overall risk of a breach. As always, Coalition is here to help you on your way. Please reach out to us for additional information!