3 Security Best Practices When using Cloud-Based Environments
As more and more businesses are adopting cloud-based solutions to increase their productivity, there is an ever-growing need to educate users about best practices in security. One group in particular requires special attention. According to a recent survey from McAfee, adults are spending a great deal of time online these days, however, their confidence in their use of technology may be causing them to overlook crucial security measures. While an organization may leverage a virtual contract management system to provide employees access to their contracts from anywhere, it is important that each staff member has been properly trained in safe behavior when using public networks and computers.
Here are 3 guidelines to consider when developing security protocols at your organization.
1. Using Public WiFi.
A survey of 1,000 US office workers reveals that 95.6% of daily commuters acknowledge the use of public WiFi connections at least once a week to perform work-related tasks. Some of the survey respondents even connect up to 70 times per week using public hotspots available at coffee shops, train stations, hotels and other places.
It is important to educate your staff about the dangers of connecting to unverified hotspots or, even worse, fake networks pretending to be one. Malicious hackers often lure commuters in public spaces with fake WiFi connections in order to request personal information (e.g credit card) or or install spyware. Some employees may carelessly give away personal information in exchange of the “free” Internet connection, while others may expose themselves to malicious software such as keyloggers.
2. Updating Anti-Virus Software.
57% of the survey respondents stated that they have accessed confidential work-related information while using a public hotspot. The first line of defense against viruses is the anti-virus software installed on those computers using public WiFi. There is a common misconception about anti-virus software, and that is that once it is installed, a computer is fully protected. Educate your staff in updating anti-virus signature files and scanning engines regularly. While a weekly update is good, a daily one is even better. If your company has a central anti-virus server, take advantage of it so that the server installs updates on other machines on the network. If a machine was not turned on at the time of the update, then give a directive to your IT department to work with the user or users to update the software manually.
Additionally, remember that the use of public WiFi may happen also via tablets and smartphones. Encourage your employees to install anti-virus programs for those devices, for example Norton mobile security apps for iPhone, iPad and Android.
3. Creating Safe Passwords.
While having a password-protected portal for your enterprise contract management system is a great business practice, it is completely undermined by the use of weak passwords by employees. It is important that employees change their originally assigned passwords, create complex passwords and regularly update them. Some recommendations are:
a) Creating a password that is at least eight characters long
b) Including a combination of at least three upper and/or lowercase letters, punctuations, symbols and numerals
c) Setting automating reminders to update passwords every one to three months
d) Keeping a different password for each program/web portal
Here is a list of good passwords and a free password generator from Norton for your reference.
To make the best use of a SaaS application and minimize vulnerabilities, it is important to educate users in safe practices for using public WiFi networks, updating anti virus software and creating strong passwords.