These 10 Best Practices for Cyber Security will make your organisation more secure. With the increase in number of hackers, malwares and other threats to your cyber security out there, you can always find a new security practice to enact. This article also contains practices for Good Computing.

1. Creating Specific Access Controls

You need to be very careful about whom you are giving the control of different sections of your organization. Ideally, it shouldn’t be anyone. When you create specific access controls for all of your employees as well as users you will limit their access to only the systems they need for their tasks and limit sensitive data’s exposure.

2. Creating Secure passwords

Characteristics of good, cryptic passwords:

- Must contain a mixture of upper and lower case letters, numbers, and symbols

- Must be of at least 8 characters in length.

- Very difficult to guess (e.g. don't include real words or personal information like username, places, names of family members, pets, birthdays, addresses, hobbies, etc.)

3. Monitor Applications with Access to Data

Applications put your sensitive data at risk. When IT security attempts to protect critical information, it usually involves putting up firewalls and building your infrastructure around the data you want to protect. Then you give applications access to this data. When hackers look to steal your data, they won’t try to hammer their way through your firewall, they’ll look for the least secure system with access to the data they need.

4. Maintain Security Patches

New techniques are constantly invented by hackers and they are looking for new vulnerabilities. To keep your network protected, make sure your software as well as hardware security is up to date with any new antimalware signatures or patches. Generally we update software and don't give much attention to hardware so make sure hardware is also up to date.

5. Secure your area.

Secure your area before leaving it unattended. Lock windows and doors, take keys out of drawers and doors, and never share your access code, card or key. Make sure to lock up portable equipment and sensitive material before you leave an area unattended.

6. Information on Portable Devices must be protected.

Don't keep sensitive information, critical data, projects, files, etc. on portable or mobile devices like laptop, computers, data phones, memory sticks, CDs/DVDs/floppy disks, PDAs, etc. Store if and only if they are properly protected. These items are extra vulnerable to theft or loss.

7. Users must be aware.

Users will always be your weakest link when it comes to information security. This doesn’t mean you can’t limit this risk through regularly educating your users on cyber security best practices. This training should include how to recognize a phishing email, how to create strong passwords, avoiding dangerous applications, taking information out of the company, and any other relevant user security risks.

8. Downloading Programs.

Don't install or download unknown or unsolicited programs to your computer. These can harbor behind-the-scenes computer viruses or open a "back door" giving others access to your computer without your knowledge.

9. Must Create a Data Breach Response Plan

No matter how well you follow these best practices, you might get breached. In fact, nearly half of organizations suffered a security incident. So if you are having a response plan laid out ahead of time, it will allow you to close any vulnerabilities and limit the damage the breach can do.

10. Maintain Compliance

Hopefully these best practices are a useful guideline for keeping your business safe, but you do have another set of guidelines available to you. Regulations like HIPAA, PCI DSS and ISO offer standards for how your business should conduct its security. More than a hassle which you need to prepare audit logs for, compliance can help guide your business.

Similar Articles: