Nearly half of businesses (45%) say that staff regularly use their own devices for work tasks. But with most employers still handing over a new laptop or mobile phone to new employees, employers need to keep these devices secure from cyber attacks.
It’s important that any device you hand over has some key security barriers in place. 网络安全:雇主新设备清单 will help your business improve its resilience to cybercrime and ensure your employees stay secure working in the office or remotely.
Tick off the basics with new/current employees who receive a new mobile phone, laptop or tablet. 当与员工谈论新设备时, remember to consider where the device is being used and if your employees know the cyber security risks when working online.
笔记本电脑和台式电脑网络安全指南
- 资产管理—确保已记录以下内容
设备厂家、型号、序列号
- Who is it assigned to, when was it assigned to them, and if applicable, when should it be returned
- Does the device need to be installed onto your works network?
- 确保 防火墙和防病毒软件 软件已启用
- 在可能的情况下, built-in firewalls on devices should be configured to use the strictest settings possible - without interrupting the usage of the device
- 确保相关 更新 for the operating system and applications are installed. 建议启用自动更新
- 确保 物理文件和数字文件都是加密的 并且每天或每周的文件备份都已准备就绪
- Restrict the use and downloading of applications which aren’t specific to their job role - installing applications should only be carried out by an Administrator
- 确保用户配置文件设置正确 权限级别
- 审查 插件设备设置 确保他们的安全
手机网络安全指南 & 平板电脑
- 确保所有帐户都有 双因素身份验证(2FA) enabled and that staff are using strong passwords - ideally, 2FA will be implemented through an Authenticator Application such as Google Authenticator or equivalent
- Promote the use of a password manager to keep them secure and encrypted - password经理 also offer the ability to generate strong, unique passwords for each of your accounts
- 确保员工充分利用 强密码和面部识别
- 确保 应用程序更新设置为“自动更新”
- 审核所有申请 - if you want to restrict what employees can download, this should be covered in your company’s Device/Security Policy
- 查看位置设置- setup “找到我的iPhone”
当你在办公室的时候
- 离线/云备份 - ensure that devices are backed up on a regular basis, either daily or weekly. This can be done to a cloud provider or manually using a storage device
- 安全策略 - 确保 your staff review all of your company’s security policies. 这可能包括一般的网络安全政策, 在家办公政策, 可接受的使用政策, 更新政策 & 密码策略
远程工作时的建议
- VPN -确保远程工作时使用付费VPN. 这将保持您的IP地址的安全, and data safe and encrypted should you be required to connect to 公共无线网络
- 无线网络安全- when the use of 公共无线网络 cannot be avoided, follow these tips:
- Always ensure that you use a unique email address AND password if you are required to sign up for 公共无线网络
- 查看网址(URL) of any website you visit/use, ensuring that it is legitimate and where you expect to be
- 检查并确保您访问的每个网站都使用 HTTPS by checking for the padlock icon on the left-hand side of the web address (URL)
- 屏幕保护膜/摄像头保护套/保护套
- If you work remotely in public places, implement a screen protector with a privacy filter. This will protect you from shoulder-surfing and potentially leaking sensitive information
- 保安意识培训
- 保安意识培训 provides simple and practical knowledge for your staff to understand the risks of working online and provides the confidence to challenge something that doesn't look right.
- Cyber attacks continue to evolve and use more sophisticated attack techniques designed to fool employees. 培训 your staff will reduce the risk that your business will face data loss, 金融诈骗, 操作时间损失或负PR.
- 审查 your employer's security policies - this may include Cyber Security Policy, 在家办公政策, 可接受的使用政策, 更新政策 & 密码策略
- 密码s - 确保 you are using Face ID and Passcodes, don't forget using a 密码 Manager will allow you to save passwords across devices to make life easier.
- Don’t forget to enable two-factor authentication on all your accounts
- 不使用未经批准的外部设备
- 不要忘记备份!
- Setup 'automatic 更新’ - these often will include security 更新.
- Only use approved software or applications - only install software/applications from the official source for your device.
- Don’t use personal accounts - Social Media applications on work devices should be restricted to only those the company uses.
- 担心数据暴露? - - -检查 HaveIBeenPwned
- Don’t save financial details - do not use the notes app to store work credit card details or bank information
- Be wary of connecting to 公共无线网络 that does not require you to sign in using a username/password
- 远程工作时使用VPN.
Download your Cyber Security: New Device Checklist for Employees
