Four good computer security reflexes

According to Les Affaires, approximately one in five Canadian businesses is the victim of at least one cyberattack each year. Cyberattacks targeting SMEs are on the rise.
This represents only a fraction of the number of cybersecurity breaches. They are due to the adoption of various digital technologies, but also to a lack of prevention.

Indeed, in all these cases, the user is often the weak link.
Employee education and collaboration on security issues are effective ways to protect against unfortunate incidents. Even the most sophisticated systems can do nothing against human error, whether it's due to a leaked password or the insertion of a corrupted USB drive.

Here's why we're offering you four good IT security practices to implement in your organization.

Distrust of emails

Despite numerous prevention campaigns in this regard, email is the easiest method to gain access to your system. Hackers are becoming more sophisticated; the wording is becoming more authentic, and phishing emails are becoming more authentic. Some messages will be virtually identical to the template your organization uses. Therefore, the watchword is vigilance.

It's important to be wary of attachments, paying attention to the sender's name and any other details. Even if they're people you correspond with frequently, be on the lookout for the content (quality of language) and format of their messages (unusual characters), the sender's address and the reply-to address. Assume there's no trusted contact.
When you hover over a link, check that it takes you to the correct URL.

Adoption of "strong passwords”

The two most important rules are to never use the same password for different accounts (e.g. workstation, email) and the number sequence 1, 2, 3, 4, 5, 6. You should change them regularly and avoid using passwords related to your personal life, such as your date of birth or place of birth.

Choose long, complex passwords (around 12 characters). Don't look them up in a dictionary; mix uppercase and lowercase letters and special characters. If you're worried about forgetting it, write down the entire password, but remove two numbers and letters, which you can write in different places.

Use of multiple authentications

Passwords mean multiple authentication. When organizations enable remote work, this means remote access to your network from different devices. Your business-critical applications should be doubly protected.

If an employee wants to connect remotely, they should enter their password and log in a second time using a code sent to their cell phone or email. Additionally, when working remotely, your staff should ensure that the wireless network they use is secure. They should avoid open networks and accessing the internet through Wi-Fi hotspots.

Regularly back up your data

Regularly backing up your data is essential to any IT security policy, especially if it involves backing up to a system external to your own. In the event of a failure, rapid data restoration remains your preferred solution. Your business will be able to continue operating without encrypted data.

The golden rule of data security is 3-2-1. You should have three copies of your data on two different media, one of which is located off-site.

To back up your information off-premises, you don't need to install a new server or any other physical infrastructure. You can simply use cloud services—a service we offer at Nexxo IT Solutions.

In conclusion, it's important to prevent situations that could potentially compromise your systems. Investing in IT security and staff training will save you time and money. Whether in the event of a cyberattack or disaster, your organization will be prepared and ready to respond quickly.