Business owners face a challenging situation with the modern digital workplace – not only do they have to provide employees with easy-to-use applications and flexible working structures, but they are increasingly under threat from a range of cyber security threats.
This applies across business sectors, but in particular to those with a workforce that uses Apple Macs. Staff can often be one of the weakest links in the security chain, simply through a lack of security knowledge. For example, many professionals are now better informed about good password practices, however this is just the starting point – there are other security areas managers need to guide and assist their staff with, especially when dealing with users who firmly believe in the common “wisdom” that Macs are impervious to security threats.
Knowing what to add to a security policy can be the most difficult place to start. This is why we have prepared a helpful checklist to refer to when bringing new staff on board and for existing employees who might need a refresher in best practices.
Start with passwords
· Are they strong and varied enough? 123456 should never be used.
· Set a recurring reminder for staff to change passwords. Make sure individuals actually do change their corporate and personal passwords regularly.
· Consider setting up employees with a password manager. Easing the burden on peoples’ memories can improve results.
Product updates should follow
· Browsers, web plugins, applications, Mac OS X. All need regular updating.
· Website content management system? Do not become a source of malware, it could harm your company’s reputation and bottom line.
· Don’t forget smart mobile devices. Bring Your Own Device (BYOD) must be addressed.
· Enable auto-updates or choose a solution that allows remote management. Make it easier for yourself and your staff.
· Risk management. Organise one-on-one sessions to explain the risks for those who are more lax with product updates.
Malware be gone
· Cloud is generally more flexible. Cut your administration by managing everything from a single software suite wherever you are.
· Malware scanning 101. Malware comes via Windows and Mac users, make sure staff are protected 24/7.
· Email advice is important. Phishing and social media are often exploited by cyber-criminals searching for an easy way in.
· Use Apple’s tools. Powerful protection if configured correctly.
· Gather data. Search for a security suite that collects employee usage data to gain a more comprehensive understanding of which individuals could benefit from extra training.
Advice for all
· Layered defences are best. Staff with anti-malware protection, experience and increased awareness are better protected than those with only one.
· Think broader than malware. Threats can be stored on USB sticks, delivered via insecure Wi-Fi or by spoof device crash reports.
· Avoid jailbreaking mobile devices. Never a good idea from a security point of view.
· Stay informed. There are companies dedicated to Apple security, ensure you read the resources available to you regularly.
A competent security policy should include everything from threat guidance in plain English, password advice and malware notifications, to trusted security suites and best practice programmes that are regularly reviewed and updated.
The previous list is by no means exhaustive, but it should provide you with the first steps to protecting your corporate and customer data from those trying to profit from one of your most valuable assets.