10 Ways to Secure your Workstations
Workstations are what keep your workers… well… working! Nothing would get done if there was nowhere to do it. There are a lot of different threats to your system out there – ergo a lot of different things you should be doing to defend it. Good news for you: I’ve outlined the steps you need to take. Even better news: they’re simple. So, for the good of the business, follow these steps to protect your workstations- and your productivity.
Determine why you need security. Is it to protect sensitive data and valuable equipment? Is it to keep your employees efficient and productive? (Hopefully you said YES to both of these.) You’ll need to have a clear idea of your end goal before you can put the right security measures in place, so be confident that you know what you’re aiming for.
Control the use of computers. Many companies don’t require personal log-ins or passwords for workstations, allowing anyone at anytime to access everything…sounds kind of scary, doesn’t it? This is usually done for convenience, allowing people to work quickly and limiting interruptions to your IT department. Staying away from individual log-ins may seem like a good idea at first, but keep in mind that when you don’t use them, you can’t control who has access to your network or keep track of what they look at.
Restrict internet access. Virus threats are a major concern for companies. While I’m personally not that fond of internet restrictions, they can help boost your odds of remaining virus-free. (And who doesn’t want a healthy checkup?) Case in point: One of our very own was looking for some royalty free .gifs online, and wound up downloading a virus that put her computer out of order for a day and a half. She was stuck working at someone else’s station (and she doesn’t do well with change). Needless to say… it’s a problem that could’ve been avoided!
Ban personal emails at work. With cell phone technology reaching new heights, having to get personal emails at work is practically unnecessary. While that funny joke or cute cat picture can make you laugh, it’s no laughing matter when your entire network goes down because of an email virus. Remember your email server is only as secure as every other email server it’s been with.
Install firewall security. I’m sure you’ve collected the best server and network firewall security out there, so make sure it’s on ALL company computers! But what about the laptops that aren’t always on your network, like the one you bring home for some weekend-overtime (and your kids check their MySpace page on)? Be sure to install and maintain personal firewall settings on your traveling laptops and extranet computers. Verify that the software is always active when computers attempt to access your network or don’t let them in the door. Why let your house burn down because the guy outside is playing with matches?
Update your anti-virus software regularly. The truth is you’re only as secure as your latest update. Antivirus software is not something to skimp on; go with a proven leader in the market. It’s the research and development department that makes an Anti-virus software work, not the bells and whistles or the low price.
Track equipment and manage its location. Runaway laptops are the leading cause of compromised data. Put tools in place to secure, track, and recover your equipment. With PCs shrinking in size, even your office equipment can grow legs. Consider installing tracking software on your traveling laptops, just in case they do get stolen. Also, asset tags and inventory management systems can be a simple way to quickly verify that your in-office equipment is all present and accounted for.
Lock down your equipment. The goal is to keep the honest people honest. You would be amazed how far a cable lock will go when you’re trying to protect laptops and desktops. (Not sure how to choose a good cable lock? Read this article. It’s significantly informative!) And don’t forget about the peripherals! There’s stuff to protect everything that attaches to the computer, too. How much production time would be sacrificed if every mouse and keyboard in your building got stolen (just because a disgruntled employee still knew the access code)?
Communicate with your employees. Most people don’t even look twice at that man walking out the door with a tower in his arms. “Oh, it must be IT doing an upgrade.” I had a co-worker just walk into a lab and start moving stuff around, and not get questioned because he carried a clipboard and looked the part. (Trust me; a good thief looks the part.) Encourage your employees to question when items are missing and confirm they haven’t been misplaced.
Manage your plan. I’ve seen it so many times: the effort is put into building a plan but once it’s up and running, the wheels fall off the security bus. “We haven’t had a theft, we don’t need that.” These are always the last words before a thief strikes. Once you’ve put your security measures in place, develop a plan to maintain them. Every time you turn around, there’s some new technology available. Stay on top of new threats that are developing and what new tools are out there to fight them.
For more advice on managing your security plan and creating an audit system, read this article. It’s insightfully helpful!