2. Does your organization have a password policy?
While this may seem like a no-brainer, every company needs a good password policy and it MUST be enforced. Users should have to reset passwords every 60 to 90 days, and passwords should be complex.
Beyond that, consider where these passwords are recorded both on a personal level (no sticky notes under the keyboard) and as a company (where does that Excel file live? Is it protected? What happens if you lose it?).
Resource: Password Security – Tips & Tricks
3. In terms of IT planning, do you have a business recovery and backup plan?
Part of a good security plan is planning how to recover from a problem. While you can start the discussion with hackers in mind, stopping there is not prudent. There are a host of things that can bring down your network, and you should have a backup plan.
If you can’t answer the following questions (or find someone in your company that can) you should look outside your organization for help:
Resource: Planning for Disaster
This is Part 2 of a blog series on IT Security Best Practices. Feel free to comment below to share your questions and ideas on the topic. Join us for the webinar on July 25 on IT Security Best Practices.
Join Matt Eshleman on Wednesday, April 19 at 3pm Eastern, Noon Pacific for a presentation and Q&A on real emerging threats and a practical approach for nonprofit cybersecurity.
Fill out the form below to request a quote. We’ll be in touch shortly to discuss your needs and take the first step toward better nonprofit IT.