The Worst IT Mistakes Businesses Make When They Forget About Security

IT without security is a mess waiting to happen: Don’t make these mistakes! No business should make an IT decision without considering data security. When the two get separated, IT decisions start to develop serious problems. Too many companies have focused on adopting a particular solution without exploring how safe it is…which leads to problems […]

IT without security is a mess waiting to happen: Don’t make these mistakes!

The Worst IT Mistakes Businesses Make When They Forget About Security

No business should make an IT decision without considering data security. When the two get separated, IT decisions start to develop serious problems. Too many companies have focused on adopting a particular solution without exploring how safe it is…which leads to problems like these. Don’t do these things. Hackers love these things.

1. Not Using Any Extra Security Software

Never assume that the security that comes with your computer is good enough. Don’t fall into the trap of thinking that, “Macs never get viruses” or “The new Windows security software will take care of any attacks.” Security doesn’t work that way – especially for companies that handle sensitive data. Remember the WannaCry ransomware? It and many other types of malware were only created because of a flaw that existed in Windows security software. To avoid the danger of these attacks, you should be using an additional security service at your business. There are a lot of options out there, and you can certainly find a package and price that’s right for you. The extra security is certainly worth it.

2. Creating a BYOD Policy Without Security Requirements

This frequently happens with smaller businesses that are very employee-friendly and jump into a Bring Your Own Device policy headfirst, all smiles and “flexible workplace.” That’s great – but mobile devices are particularly vulnerable to attack. The wrong apps are even worse. Never implement a BYOD policy without clear guidelines for what apps can be used for work purposes, how work data should be handled, and what security or partitioning software should be uploaded onto phones. In fact, many successful strategies focus on ways to prevent business data from ever being stored on phones, which requires more complex virtualization apps. Yes, a good BYOD strategy is sort of a pain for employees. It has to be. It’s much more about compromise than a gift to your employees.

3. Using Good Software That Isn’t Updated

You can have a great, flexible software package that has everything you need and is easy for all employees to understand – and it will be a disaster if you don’t update it for security purposes. Updating schedules are an IT specialty, and should never be skipped or ignored no matter how trivial they seem. This is exasperatingly difficult for many businesses to grasp, and patches go ignored until vulnerabilities appear and data attacks start happening. Here’s the bottom line: Just because your software works fine right now doesn’t mean that it’s safe. And just because you updated your software doesn’t mean all of your employees did. Set an ironclad update policy and stick to it.

4. Relying Poor or Nonexistent Password Policies

This is an infamous problem best summarized by the “sticky note with the password written down, stuck to the computer” problem. Passwords are more than just a way to log into your own account: They are an important part of office security. Fortunately, it’s fairly easy for an administrator to create and assign passwords (a lot of apps can help with this, too) to employees. Don’t let employees come up with their own passwords, and don’t let them write passwords down where everyone can find them!

5. Never Training Employees About New Threats

Extra employee training is a lot to ask for businesses that are already short on time and resources, but it’s especially important when it comes to security vulnerabilities. Employees will not protect their devices and desktop computers unless they are trained and regularly reminded: This has been thoroughly proven. So make some time for security education

6. Setting Up Lazy Wi-Fi Networks

If you have a business Wi-Fi network, it needs to be secured with the latest encryption and administration controls, including robust passwords and device identification. It’s frighteningly easy to steal information from an unsecured wireless network, and too many businesses don’t know the requirements!

7. Choosing Servers or Hosting Services At Random

Ask some of the experts, and many will mention that hosting data and/or managing servers is an area ripe for serious business mistakes. Some companies don’t even know what data is hosted, or how their data is used in cloud services. It’s important to understand exactly what happens to your data, where it is stored, and how it is being protected, either by your own employees or by vendors with hosting services.

Did one of these mistakes hit a little too close to home? We can help your {city} business find new data security solutions! Contact CTECH Consulting Group today to learn more: Call us at (403) 457-1478 or send us a message at info@ctechgroup.net.