Your IT is only as secure as your weakest link

telanova: the outsourced IT team that feels like your own

Providing advice, consultancy, helpdesk, monitoring and maintenance, updates, upgrades, security: all the things your in-house team would do, but better and at a fraction of the cost and hassle.

Your IT is only as secure as your weakest link

Your IT is only as secure as your weakest link. But what are the links? And how do you strengthen them?

Accounts

  • Each person should have a unique strong password for each account, application and website
  • Enable two factor authentication for every account that supports it
  • Use a password manager. LastPass Enterprise will “score” each person so you can see who is not following best practices

Devices

  • Ensure all devices are protected at all times by a firewall, next-gen antivirus, web filtering and email filtering
  • Ensure security patches are installed as soon as possible. Not just Windows updates, but your applications too e.g. Chrome, Adobe Reader etc
  • Don’t take it on trust that everything is doing its job, actively monitor each device

Data

  • Regularly backup all business critical data off-site, and retain for an appropriate length of time. Make sure your colleagues aren’t storing data anywhere that isn't backed up. Test your backups actually work by carrying out a full disaster recovery test.
  • Protect your data from physical theft. Encrypt devices at risk of being lost or stolen such as PCs in public areas, laptops, mobiles etc
  • Limit the damage that can be done from a single compromise by making sure each person only has access to the data they need to do their job.

Policies

  • Document your IT policies - Acceptable use, BYOD, Security etc
  • Make sure they are simple and easy to follow e.g. don’t just say “Use a strong password”, spell it out “10+ characters, 1 upper, lower, digit, symbol, isn’t easy to guess”
  • Enforce them by technical means where possible e.g. setting minimum password length and complexity.

Procedures

  • Document your IT procedures and ensure they are not vulnerable to social engineering
  • Instil a culture of insisting procedures are followed, and always insist they are followed yourself

People

  • Train your staff how to spot threats, what they should do if they think they might have been compromised, and who they should report incidents to
  • Carry out simulated phishing attacks and provide additional training to anyone that falls for them

Working from home?

Every single point applies just as equally to home workers and their home working setup, even if working from a personal device. If you make exceptions for home working then that becomes your weakest link!

Do you have any weak links you would like to improve? Or is your current IT provider letting you down? Engage telanova as your IT team!

Email Facebook Google LinkedIn Twitter

We use cookies to provide you with the best possible experience in your interactions on our website

You agree to our use of cookies on your device by continuing to use our website

I understand