Network security is one of the most important ways to protect your data from being stolen. Cyberextortion happens every day, affecting big and small companies alike. Luckily, with the right questions asked and a little due diligence, your data will be safe from the hands of those out to steal it. So, let’s look at a few ways you can protect your data.
- Enforce Password Policies. Microsoft has a list of 5 best practices when it comes to password policies.
- Enforce password history – don’t allow users to repeat the last 8 to 10 passwords. This will ensure that users are coming up with different passwords and there is less of a chance of the password getting into the hands of a malicious person.
- Maximum password age – how long a user can use their password before being prompted to change it. Microsoft recommends 30 to 90 days where security is a concern and 120 to 180 days where security is still a concern but a lesser concern (think personal PCs vs company-owned PCs). On company-owned equipment you want your passwords reset closer to the 60 to 90-day mark, but on your personal PC you can look at the 120 to 180-day mark.
- Minimum password age – how long a user must use their password before changing it. This prevents users from changing their password the changing it right back. A reasonable setting for this is 3 to 7 days.
- Minimum password length – Microsoft recommends a minimum password length of 8 characters. If you need or want greater security, try to use passwords that are at least 14 characters in length.
- Password complexity – this includes upper case letters, lower case letter, numbers and/or symbols. Passwords should not contain the username or parts of the end user’s full name. Password complexity ensures that the password is harder to crack.
- Backup your data. Backups can help you in a variety of cases, from accidental file deletion to a natural disaster. Onsite and offsite backups are key to keeping your data safe. These same backups can also help if your company becomes a victim of a cyberattack demanding money to unencrypt your files. Your backups can be restored from the latest point in time and your data will be back to a functional level without having to pay to get your data back.
- Separate your networks. Don’t allow non-company owned PCs to wire into your network. Have a guest network for personal equipment (phones, laptops, etc.) to connect to. You guest network should work as a separate network to prevent unauthorized access to your company data.
- Keep your network updated. Windows patches are not just there to make your system reboot, there are there to keep your system safe. Not only Windows patches but software patches are important as well. This ensures any security holes that are identified in specific software are patched.
- Create a security culture. Security is everyone’s responsibility. Everyone who has a network login is responsible in keeping the data secure. Your company data is just as important as the physical assets. Keep it under lock and key.
At Layered Systems, we utilize the latest in security technology and exercise best practices to protect your network and data. We believe in using multiple, non-conflicting technologies, as no one solution is perfect. We are constantly evaluating new products as well, to make sure we are providing top-of-the-line solutions to our clients. Contact Us today to learn more about how Layered Systems can protect your business.