You may have read this week that a hacker group has reportedly put 200 million Yahoo passwords up for sale. While the alleged incident is still under investigation, data hacks, unfortunately, are not surprising these days.
Despite many layers of complex, state-of-the-art security procedures, the bad guys always seem to find a way in, often preying on vulnerabilities caused by human behavior or other non-technical means. They are relentless. Solution providers need to be just as relentless when it comes to helping their customers minimize risks.
Here are six security checkpoint reminders to keep the security conversation going with your end users:
Do your customers’ employees lock their phones, tablets, or PCs with a password or passcode to keep contents safe? Lost or stolen devices without any security measures can cause real damage to a company if customer data or important records are compromised. Remind your customers that they should train employees and enforce that passcodes be used. Even if a device is stolen or lost, having a passcode could buy valuable time before you get a chance to remotely deactivate or wipe the phone.
While passwords are great, they’re only really helpful if users avoid blatantly obvious words or codes as their first line of defense. If employees use passwords such as "12345", "password", "qwerty" then they need a new password. Tell your customers to have their employees to change passwords every 90 days for further protection. Many corporate environments have password strength policies to prevent simple passwords, but enforcement of those policies may not always be as strong.
3.Dare to Be Different
When hackers steal, buy or sell a list of passwords for one site, you can bet that the bad guys are going to try using the same log-in information across multiple common websites or entry points. Use unique passwords for each site to minimize risk. Again, emphasize that passwords should be changed every 90 days, but that different passwords should be used—and never repeated.
4.Have a Backup Plan
Do you know how often your customers’ files and records are backed up—and that those backups were created successfully? There are plenty of very good automated backup solutions on the market, but it’s worth a little extra time to verify those backups on behalf of your customer—and show them you’ve done this with regular reporting.
One way hackers try to get into a corporate network is by finding vulnerability in the corporate wi-fi network. Wi-fi security is only as good as the security on every device accessing the network. There are some great solutions on the market to help you ensure that your customers can track and manage every device on the network, and can create an alert for something that looks suspicious.
6.Don’t Have Antivirus, Use Antivirus
It’s remarkable how many users have antivirus installed on their system, but haven’t activated it—or it’s out of date. Even with fully functioning antivirus solutions in play, employees have the ability to manually override or delay the update because it “interferes” with something they’re doing. Help your customers by automating processes that schedule regular scans and definition updates. Running regular security reports for them and keep them up to speed on who’s in compliance, and who’s not.
There’s a good chance that you and your customers already use many of these measures, but it’s good to keep the conversation going, to issue reminders. Mentioned recent headlines as examples of what can go wrong if you’re not vigilant on a daily basis. Better yet, click here to download this infographic to pass along to your customers as a means to get the dialogue going.
Learn more by speaking with one of our channel experts or contact us at firstname.lastname@example.org.
# # #
About the Author - Vic Berggen
Vic is the CIO for Global Convergence, Inc. (GCI) and is responsible for the IT portfolio and setting the technology vision for all Global Convergence Companies. He is Microsoft Certified and is an active member of the Computing Technology Industry Association and the Microsoft IT Advisory Council. Vic works with partners to deliver premier supply chain logistics in-country and globally.