Top 10 List of Cybersecurity Best Practices for Manufacturers
Tip #1 – Remember that YOU are a target to hackers
Don't ever say "It won't happen to me". We are all at risk and the stakes are high - to your personal and financial well-being, and to the company’s standing and reputation.
-
Keeping company computing resources secure is everyone's responsibility.
-
By following the tips below and remaining vigilant, you are doing your part to protect the company, yourself and others.
Tip #2 – Keep software up to date
Installing software updates for your operating system and programs is critical. Always install the latest security updates for your devices:
-
Turn on Automatic Updates for your operating system.
-
Use web browsers such as Chrome or Firefox that receive frequent, automatic security updates.
-
Make sure to keep browser plug-ins (Flash, Java, etc.) up to date.
-
Partner with a trusted IT vendor to determine other necessary updates.
Tip #3 – Avoid Phishing scams - beware of suspicious emails and phone calls
Phishing scams are a constant threat - using various social engineering ploys, cyber criminals will attempt to trick you into divulging personal information such as your login ID and password, banking or credit card information.
-
Phishing scams can be carried out by phone, text, or through social networking sites - but most commonly by email.
-
Be suspicious of any official-looking email message or phone call that asks for personal or financial information.
-
Always double-check the domain name of the sender to ensure that you’re not receiving an email from a spoofed address.
Tip #4 – Practice good password management
We all have too many passwords to manage - and it's easy to take short-cuts, like reusing the same password. A password management program can help you to maintain strong unique passwords for all your accounts. These programs can generate strong passwords for you, enter credentials automatically, and remind you to update your passwords periodically.
Here are some general password tips to keep in mind:
-
Use long passwords – 9 – 12 characters or more is recommended.
-
Use a strong mix of characters, and never use the same password for multiple sites.
-
Don't share your passwords and don't write them down (especially not on a post-it note attached to your monitor).
-
Update your passwords periodically, at least once every 6 months (90 days is better).
Tip #5 – Be careful what you click
Avoid visiting unknown websites or downloading software from untrusted sources. These sites often host malware that will automatically, and often silently, compromise your computer.
If attachments or links in email are unexpected or suspicious for any reason, don't click on it. Remember to look for the locked padlock in the upper left of the URL bar when searching online.
Tip #6 – Never leave devices unattended
The physical security of your devices is just as important as their technical security.
-
If you need to leave your laptop, phone, or tablet for any length of time - lock it up so no one else can use it.
-
If you keep sensitive information on a flash drive or external hard drive, make sure to keep these locked as well.
-
For desktop computers, lock the system screen when you walk away or it’s not in use.
Tip #7 – Protect sensitive data
Be aware of sensitive data that you come into contact with, and associated restrictions - review the company’s policies to understand data protection level requirements. In general:
-
Keep sensitive data (e.g., SSN's, credit card information, client records, financial information, etc.) off your workstation, laptop, or mobile devices.
-
Securely remove sensitive data files from your system when they are no longer needed.
-
Always use encryption when storing or transmitting sensitive data.
Unsure how to store or handle sensitive data? Contact Machado Consulting and ask!
Tip #8 – Use mobile devices safely
Considering how much we rely on our mobile devices, and how susceptible they are to attack, you'll want to make sure you are protected:
-
Lock your device with a PIN or password - and never leave it unprotected in public.
-
Only install apps from trusted sources.
-
Keep your mobile device's operating system updated.
-
Don't click on links or attachments from unsolicited emails or texts.
-
Avoid transmitting or storing personal information on the device.
-
Most handheld devices are capable of employing data encryption - consult your device's documentation for available options or contact Machado Consulting for help.
-
Use Apple's Find my iPhone or the Android Device Manager tools to help prevent loss or theft.
-
Backup your data.
Tip #9 – Install anti-virus protection
Only install an anti-virus program from a known and trusted source. Keep virus definitions, engines and software up to date to ensure your anti-virus program remains effective.
For personally-owned systems and computers, Machado Consulting can recommend anti-virus software programs for Windows and Mac.
Tip #10 – Back up your data
Back up on a regular basis - if you are a victim of a security incident, the only guaranteed way to repair your computer is to erase and re-install the system.
Here are some additional tips to help keep you safe and secure online:
-
Use a firewall - Mac and Windows have basic desktop firewalls as part of their operating system that can help protect your computer from external attacks.
-
Use public wireless hot-spots wisely - follow these tips for staying safe.
-
Be conscientious of what you plug in to your computer (flash drives and even smart phones can contain malware).
-
Be careful of what you share on social networking sites.
-
Monitor your accounts for suspicious activity.
-
Bank or shop online only on trusted devices and networks - and logout of these sites when you've completed your transactions.
- Train your employees – Make sure that employees have annual training requirements and test them to make sure that the training is being understood and reinforced.
Authored by: Machado Consulting, Inc. - click here to download their handy infographic.
To find out what information security training NQA offers click here.