Recently a few folks from our team attended a Native Edge Institute (NEI) sponsored by the National Center for American Indian Enterprise Development (the National Center) at Microsoft’s Corporate Headquarters near Seattle, WA. The main focus of the gathering centered on technology in Indian Country with a special emphasis on cybersecurity. It was clear to our team that we are in the right spot at the right time to help with these complex but necessary technology projects.
Last month, I told you about the benefits of being in the cloud and particularly considering Microsoft 365 if you haven’t already and that we would talk about security this month. Today I want to provide you with a basic checklist for your Information Technology (IT) staff to ensure that the building blocks for data security is in place and then that you have a strong and enforced user policy.
Network administrators must be sure to install firewalls, anti-malware, and access authentications systems to secure technology infrastructure. They should also arrange for ongoing security training for users and inform them regularly about new scam emails or viruses and investigate breaches thoroughly. Timely and frequent communication is the key to mitigating avoidable issues.
High points of a policy that needs to apply to all employees, contractors, volunteers and anyone who has permanent or temporary access to systems and hardware includes these components.
1. Protect all company and personal devices – by password protecting, utilizing antivirus software and not leaving devices unattended.
2. Keep emails safe – by avoiding to open attachments or suspicious links or clickbait titles (e.g. offering prizes and advice).
3. Manage passwords properly – by choosing complex ones with a variety of characters and changing them every two months at a minimum.
4. Transfer data correctly – by sharing confidential data over the company network and not over public Wi-Fi or private connections.
Some of these seem like common sense but you’d be surprised how much time IT departments spend cleaning up after internal end-user policy violations. If these basics are in place you have set yourself up for success – so ask your IT professionals how secure is your data?
This editorial was written for and published in the Tribal Business Journal, October 2018 issue.