5 IT Security Best Practices

The terms computer viruses, ransomware, and trojan horses frequently evoke fear and dread on the part of business owners and operations managers.


This may be due in large part to a belief that since they probably can’t understand how they work, by default, there’s nothing they can do to protect their organisation. The good news (and it’s actually pretty good!) is that not only can you increase your IT security, but you can do this without needing an in-depth knowledge of the technology that cybercriminals use to get into computer systems.

There will always be people motivated by financial reward (or even by reputation among their peers), to break into computers over the internet and steal sensitive/compromising data, or remotely “lock” up all data on your system. Any computer connected to the internet is a potential target.

Therefore, just as you take precautions to secure your house along multiple levels (e.g. locks/alarms/monitoring etc.), the same mindset must be adopted for your IT system. Be advised however, that even if you follow each of the 5 IT Security best practices outlined below, it’s not an ironclad guarantee of safety, but the negative effects of an attack should be minimised. We even threw in a 6th bonus tip, so make sure you read all the way through!



The first line of defense is good Antivirus software (our preferred product is from ESET). Features to look for include an inbuilt firewall, malware protection, and an email spam filter. Antivirus should warn about security problems on websites you visit, block most incoming threats, and also provide protection against spam and emails containing potentially harmful links.



Passwords are a frequently ignored method of securing your computer and systems. An easy to guess password makes it more likely that someone can guess it and steal/compromise your data. This article from Entrepreneur contains a great illustration on this problem. Bottom line, ensure your passwords are hard to guess (avoid examples like birthdays, pet names, and favourite music/places etc.), and for extra protection on your most important systems, turn on 2 factor authentication. If you have any questions about this, drop us a line!



Maintain up to date versions of all operating systems and antivirus packages. Updates frequently contain patches against newly discovered security threats, so are very important. Windows and ESET make it easy by letting you know with pop ups or other messages that updates need to be installed, so go ahead and update when recommended.



Encrypting your computer or laptop protects your data in the event of physical theft. If you frequently take your laptop out of the home/office, and you also store sensitive data, especially if it’s subject to data protection requirements, encryption is strongly advised. We use DESlock for our client’s encryption requirements and its very straightforward to install and use.



If you still fall victim to a cyber attack, and you are presented with a demand to pay a ransom in exchange for your data, a good backup system will save not only the day, but also your wallet, since you won’t need to pony up the potentially high amount demanded by the bad guys. At a minimum, back up your data daily to an external location, e.g. cloud backup service, like OneDrive.



It surprisingly easy to ‘clone’ someone’s email address, which a fraudster can use to trick you to transfer money, or to click on a dangerous link. Be very cautious of ANY email which is oddly worded, or requires urgent action from an unknown person or entity. Institutions such as your bank or online retailers will never email you asking you to change your password for example. These types of ‘social engineering’ attempts to trick you are on the rise and are getting more sophisticated. And if that Facebook or other website link tells you to ‘click to see what happens next’, don’t do it. It might be harmless, or it might send spam to all your contacts. Either way, why take the risk? Exercising awareness and staying vigilant will greatly increase your chances of protecting your computers and your money!


Like I said, it’s virtually impossible to guarantee protection, but following these IT Security Best Practices will greatly increase your chances of avoiding an attack or data loss. If your organisation has more than 10 users, a more detailed plan is required, and we can always help with that, just get in touch at 091 395413 anytime!

You May Also Like…