IT SecurityThe Covid-19 Pandemic changed the way the business world operates.  During the pandemic, going to the workplace/office translated to staying in the confines of your own home and working virtually.  As time has progressed, many employees have now begun to migrate (at least a few days a week) back to the office to possibly find new workspace arrangements or even different operating concepts, but what about the IT security?  Has your company taken a proactive approach to secure your computer technology and telecommunications?

What is IT?

Information technology (IT) is used by companies to safeguard information and data with the use of computers, storage, or mobile devices.  It enables employees to troubleshoot when there are issues and thus find solutions to ensure the safety and protection of electronic data.

Essential Tips to Prevent Malware Attacks

IT security is essential to prioritize now that many of you have returned to the office. Below are some risk management actions for consideration to optimize protection of your electronic data:

Secure Microsoft Office Macros- Companies can decide to choose which macros are allowed and trusted and which may pose a threat to security.  If you don’t configure Microsoft office macro settings it can result in malicious code on systems. Ideally, you want to set controls to allow macros from only trusted sources; however, you may need to do the following to determine what is trustworthy:

  • Determine if the macro was established by a trustworthy source.
  • Examine the macro to determine whether there is any malicious code and that it performs as projected.
  • Find out if the macro is linked to an authentic business purpose.

Application Control- This is a way to prevent certain applications from being used by employees. By restricting which types of files can be open, downloaded, or run, you are minimizing the risk of malicious programs being sent and executed.

User Application Hardening- This involves configuring web browsers to block ads, Java, and Flash since these types of applications are known to implement malicious code on systems. Application hardening also stops hackers’ efforts to tamper with or monitor an app.  Overall, it is a method that ensures trusted applications are secure.   

Patch Management- When errors are noticed, this is a way to “patch” and correct the “bugs” or “vulnerabilities” in the software. By applying updates to the software, what was seen as an extreme risk is now considered secure.

Multi-factor Authentication- Anytime a user is accessing highly sensitive, private, or important data, a multi-factor authentication should be required. This makes it harder for hackers to access systems. It also should be required for remote access situations, VPNs (Virtual Private Network), and RDP (Remote Desktop Protocol).

Limit Privileges- You should consider limiting administrative privileges to those with user duties in line with the operating systems and applications. Routinely evaluate those having the strongest need for access.  Keep in mind that hackers will strongly attempt to use these accounts to access personal information and data.

Daily Backups– If your business does encounter a cybersecurity situation, there needs to be a way to access all information/data that was invaded.  Daily backups of software, configuration settings, and data are recommended and should be kept for a minimum of three months.

IT Security is Essential for Your Business Needs

Returning to the workplace may look different than before, but the importance of IT security should remain just as important (if not more so) than before.  If you have any questions or concerns about IT security in your business, call our offices at Burkett & Associates and we will assist you.  We are here for all your Alabama business needs.  Don’t wait.  Call today at 256-704-7400.