Could a data breach be lurking in the dark? Here are 4 tips to help secure devices
This year isn’t over. As we approach darker evenings and the later seasons a data breach could still spook your business at any moment.
According to a recent report by RiskBased Security, 3,800 data breaches have been disclosed so far this year with 4,1 billion records compromised. It’s stated that 2019 has been “the worst year on record” for cyber-security attacks. Mobile and IT security challenges are a rising concern for UK businesses, with more employees using personal devices for work.
Don’t be vulnerable to gaps within your company device policies – ensure your IT and mobile assets are secure. In-line with Cyber Security Awareness month we have put together some security tips your business should be aware of:
1. Best practice for device security
Our first tip is to reassess internal policies for company-issued IT assets and encourage staff training on the following:
Password Protection – Passwords are one of the most discussed issues around cybersecurity but remain an area businesses struggle with. Ensure a strong passcode is set up on internal desktops PCs, laptops and mobile devices for better protection against hackers and theft attempts. Set up a password manager tool and two-factor authentication for maximum security.
Always update software – The latest software updates should be installed to fix security bugs. Turn automatic updates on to be assured that devices are always using an up-to-date operating system. Devices unable to receive the latest upgrades, such as Windows 10 and iOS 13 should be refreshed and recycled just in case.
Lock devices – Make sure your device screen is locked when not in use. A privacy screen protector is also a good touch for preventing shoulder surfing attacks.
Delete old applications – Many iOS and Android applications that are accessible on the App Store and Google Play are riddled with high-risk vulnerabilities. To prevent an application-based malware attack only install programmes from trustworthy sources. Remember to delete old applications that are no longer required.
Use a private VPN – Be wary when connecting to Wi-Fi in public spots when mobile working whether it’s travelling on the train for a meeting or in a coffee shop. Browsing with a private VPN (Virtual Private Network) is the safest option to prevent personal information from being accessed.
2. Protect sensitive data after use
Your laptop, mobile phone or tablet will store a lot of personal and sensitive information internally throughout its use. Simply resetting your device isn’t enough to have complete control. The data security firm, Blancco, found that 42% of hard drives and SSDs tested that were sold on eBay still held data – this is not a safe solution for your business. For full reassurance purchase a reliable data erasure software or look for a certified ITAD data destruction provider who can help to eliminate this risk.
Read this handy guide from the ICO to determine which data disposal method is best for your business.
3. Have an IT asset management plan
For effective IT asset management keep a manifest of corporate hardware so you know exactly where your devices are, all the time. An audit trail will help to maintain inventory records and keep track of device activity and upgrades. Documenting the lifespan for each device as well as it’s purpose and ownership can help to improve the security of your IT environment.
Lost or stolen data bearing assets can pose a major threat to your business if they fall into the wrong hands. Not only could a misplaced company device lead to data loss for the employee but critical business information can be lost too. In fact, 46.5% of enterprises that allow employee-owned devices to access their network have experienced a data breach.
4. Securely dispose of IT assets
Don’t be encouraged to stockpile redundant IT equipment – always ensure devices at end-of-life are securely disposed of via an approved IT Asset Disposal provider.
Some IT recycling companies seem too good to be true – and that’s because they are. They might offer a free collection in hopes of reaping return from your old kit. However, the risks implied with this are not recommended.
Look for accreditations such as ADISA, Blancco and a registered Waste Carrier Licence. You should also receive asset documentation through recycling and data erasure reports which you can use against your next audit. A secure IT recycler will always ensure your devices are disposed of safely whilst meeting security and environmental compliance.
At S2S, we can provide a reliable and eco-friendly solution for your redundant electronic equipment. Feel free to contact our team at 01709 878 878 or request an IT collection here.