The Ultimate Technology Fall Cleaning Checklist
Fall may be the beginning of the homey season, but before you settle in for the winter, it’s essential to take a look at your technology. Are your passwords strong enough? Have you optimized your systems to improve security? We’ve put together a checklist to help you navigate “cleaning” your company’s systems and computers.
1. Check your passwords
Now is a good time to revisit your security procedures and review your password policies. It is recommended that users choose secure passwords which are at least eight characters. Passwords should be easy to remember but hard for others to guess. Refrain from using common phrases, public personal information, and repetitive passwords. Do not share passwords or give your password to anyone, even if you trust them. Below are some recommendations for acceptable-use policies for passwords in your company.
- Remove the option of using commonly used passwords.
- You can limit the type of passwords users can have by “blacklisting” the following:
- Passwords that appear on frequently used lists, including breach lists.
- Repetitive and sequential characters, such as “1234” or “1111.”
- Context-based words, such as characters in their username or the name of the service being logged into.
- Use Multi-Factor Authentication (MFA)
- MFA requires the user to know their password and approve that they are attempting to log in. Some forms of MFA include things you “know,” “have,” and “are.”
- Know – You must know your password.
- Have – You must have access to your phone, or token, to approve a login.
- Are – You must have your fingerprint (or other biometric) to approve the login.
- MFA requires the user to know their password and approve that they are attempting to log in. Some forms of MFA include things you “know,” “have,” and “are.”
2. Ensure Your Systems are Up to Date
When your system does not have the most current patches and updates installed, it is more vulnerable to cyberattacks. Now is as good a time as any to ensure all your systems and software are up to date.
- Check for Windows Updates on your workstations and servers: Windows does not always automatically clean up old update files. Run Disk Cleanup to remove old system files to help regain extra disk space.
- Ensure Adobe Acrobat Reader and Java license are up-to-date: Java updates roughly once each quarter, sometimes more frequently. Old versions of Java can cause vulnerabilities. Make sure, once the newest version is installed, that the old versions are uninstalled. Adobe Acrobat Standard, Pro, and Reader can all be set to download and install updates through the settings automatically.
- Check all software applications you run on your system for updates.
- Update drivers on your system: You can do this by opening Device Manager and right-clicking each device and checking for updates, or you can check with your manufacturer for a solution provided by them.
3. Implement and Use Backups
Make sure you are backing up all critical data. Many backup applications will back up only default locations unless otherwise specified. Also, make sure you are not backing up files you don’t need.
Backups are a great, simple way to recover from a disaster, be it a natural disaster or a nasty bit of ransomware. If you get hit by ransomware and have a good backup of all your data, you don’t need to pay the ransom; you can restore from a backup taken before you were infected. Having this option will save time and money.
The best backup solutions use a 3-2-1 rule.
- You should have at least three copies of your data. One live copy and two backup copies. If something happens to your live data, you want to be able to access your backups quickly. That is why it is important to have current and complete backups.
- You should store data in two different mediums. If both copies are stored on the same system, and that system has a critical failure, you no longer have access to a copy of your data. You can use a cloud-based storage solution in addition to USB-connected external hard drives.
- At least one copy of your data should be kept off-site. What would happen if your building and all of its contents were destroyed? Could you get another server and get back to business if your only backup is in a pile of rubble? That is why it is important to have access to your data from the off-site location, be it cloud-based or a remote location set up to receive the backups from your primary location.
Implementing these “fall cleaning” practices for your systems and computers will help you be more confident about your company’s data security.