At this time of year laptops and mobiles are increasingly vulnerable to theft or misuse. Employees are taking laptops off-site to visit customers or work from home but security is probably the last thing on their minds. As a result there’s a high chance of devices being lost or left unattended.
Administrators have plenty to deal with at year-end but some simple steps now can reduce the risk of a lost mobile turning into a data breach over the holidays. Review your data protection procedures and ensure that the risks of remote working are addressed and documented. Also, take time to remind employees about their responsibilities for keeping laptops secure.
To help you, we have provided a security checklist below of the issues to include in your audit, and some best practice tips to share with employees, contractors and service providers.
If you are planning to upgrade your Windows O/S software over the holidays, ensure you follow the information provided in the October newsletter.
The Alertsec Help Desk Team will be working throughout the holiday period and will be here 24/7 to answer questions or provide support.
May we take this opportunity to wish all our customers a very happy, and secure, festive season.
Over the holiday period more people will be working remotely. As well increasing the risk of laptops getting lost or stolen, it introduces other risks such as family members using Mom or Dad’s laptop and compromising sensitive data. Now is the time to ensure these issues are reflected in your security processes. Here is a checklist of factors to include in your audit:
Ensure policies such as Encryption Compliance, Laptop Security, Password Management and Data Sharing include roles & responsibilities for remote workers.
Identify all end-points where data is stored. This could include USB flash drives, mobile phones, email servers and cloud-based storage.
Check your Alertsec subscription to ensure you have the necessary encryption tools eg. full-disk encryption and media encryption. Document encryption provided by cloud-storage providers.
Check encryption deployment and compliance. Ensure old user accounts have been closed. If you share data with third parties, ask for a report of their encryption processes.
In 2016 we reported innumerable data breaches where human error has given hackers a free gift, such as leaving a copy of the decryption password with the laptop. Cyber criminals are expected to step up activity over the holidays so, as a precaution, share these best practice tips with colleagues: