As a best practice, users should not be permitted to install software without the appropriate authorization. There should be a centralized process to manage the installation of programs. Having a centralized process, makes it easier to manage an accurate inventory, patch and update critical programs, and manage security risks.
The easiest and most effective way your employees can protect your data is through the use of complex passwords. Passwords should contain a mix of uppercase and lowercase letters, numbers, and symbols. They should be changed routinely and kept private. Sharing or writing down passwords should be against the policy.
Employees should use caution when opening emails and not open anything from unknown sources, including links, attachments, tweets, or ads. They should also be instructed about your organization’s spam filters and how to use them to prevent unwanted, harmful email.
Employees should be trained to store documents on a shared drive or machine that is backed up every night in the event that a file is accidentally lost or deleted.
Employees should report strange activity to the appropriate party. This can include a slow machine or unwanted programs running and be a sign that the machine is infected with malware or a program that is attempting malicious behavior.By taking the above steps you should have a reduction in risk and an increase in your employee’s awareness of the cybersecurity issues you’re facing.