Carefully Choose Your Passwords
- Avoid passwords too easy to guess
- Conform to the password creation policy by following its prerequisites such as:
- 8 characters minimum
- At least one capital letter
- At least one special character (ù, £, $, μ,%, etc …)
- At least one number
Within the company it is better to never register passwords, to reduce the risk of intrusion.
Perform Regular Or Even Automatic Software Updates
- On a personal computer, it is advisable to regularly update the software as well as the operating system (Windows, Mac OS, etc …)
- On a professional computer, it is also advisable to make these updates EXCEPT if you have an outsourcing service or an external service provider, in which case it will ensure the maintenance of your position.
Know Your Users And Precisely Manage Access Rights
Within the firm, it is critical to ensure the consistency of the security policy, for this it is:
- Define the Administrator account and the User accounts. The Administrator account that allows you to make changes to computer security settings and software updates.
- Manage movements and access rights by user or group of users.
Perform Regular Backups
The data of a company is essential to its good functioning: they are critical for its activity. Online backup, automatic, encrypted and outsourced, is the best way to ensure a complete data recovery and ensure, in addition to security and total confidentiality, a rapid recovery of activity in case of disaster .
Secure WiFi Access
In the workplace, users can express the need for Wi-Fi access to the Internet from their nomadic posts (laptops and smartphones). This trend “Bring Your Own Device (BYOD) poses problems of information security. Since the Wi-Fi network is intended to circulate the same sensitive information as wired networks, it is essential to ensure that it is not a weak link in the system and network infrastructure.
- The access point to the Internet via WiFi must be secured by a password (WPA2 or WPAES protocol) that must be defined according to the password policy set by the administrator.
Be As Careful With A Smartphone Or Tablet As With A Computer
- Mobile tools (smartphones or tablets) are not very secure
- Some safety rules
- Install only necessary applications
- Check the data that these applications have access to
- Disable “intrusive” access
- In addition to the PIN code that protects the smartphone card, use a password to secure terminal access or set up an automatic lock.
- Perform regular backups on these tools
- Never pre-register passwords
Privilege The Use Of A Professional Email
It is essential to be able to exchange securely. So having a professional email, based on the company’s domain name (IMAP or Exchange type), allows you to have:
- An antivirus and antispam included directly on the server.
- Encrypted communications
- 99.99% service availability
- A backup of your emails made directly on the server.
In common use, there are some precautions to take:
- Check the coherence between the sender and the contents of the mail
- Do not open attachments from unknown contacts or who are not expected by the recipient
- Never reply by email to a request for personal or confidential information
- Do not relay message strings
- Disable automatic opening of downloaded documents
Download Programs Only On Official Sites
- Downloads on unofficial sites contain malicious viruses
- Inform your IT department of your software need before installing it yourself.
- Download programs only from official publisher websites
- Disable boxes offering to install additional software.
Be Cautious When Issuing Internet Payments
- Bank details can be intercepted
- Check that the Site address starts with “HTTPS” and check it
- Privilege purchases with an order confirmation by SMS
- Never communicate your bank details by email or SMS