29 November 2024

Computer Security Day

Procode
Procode

Q&A with our Technical Security Advisor, Harry Black

What are best practices in cyber security when handling customer or client data?

Best practices in cybersecurity when handling customer or client data include encrypting sensitive data both in transit and at rest, and implementing strict access controls to ensure data is stored securely and only accessible to authorised personnel. Regularly conduct security audits and always comply with relevant data protection regulations and standards, such as GDPR. Finally, provide ongoing training for employees on data protection to ensure data is being processed correctly and lawfully.

How does multi-factor authentication (MFA) improve security, and where should it be used?

As the nature of work has shifted to a more hybrid/remote pattern over the past few years, so has the need to continually verify that the individuals who access our systems are who they say they are. MFA significantly enhances security by requiring users to provide two or more verification factors to access accounts, making it harder for unauthorised individuals to gain access. It should be used for accessing sensitive systems, financial accounts, and any platform containing personal or confidential information. MFA combines something you know (password), something you have (security token), and something you are (biometric verification). Ultimately, this layered approach greatly reduces the risk of breaches and disruption.

How do you keep your devices safe from cyber threats?

In order to keep devices secure, I would use a multi-pronged approach. This would involve regularly updating software and operating systems, as well as installing a reputable antivirus programme to protect my devices from vulnerabilities and malware. Next, I would ensure that my passwords are strong and unique, whilst also having MFA enabled. I would avoid clicking on suspicious links or downloading unknown attachments, as this would open opportunities for malware to be downloaded. Finally, frequently backing up my data would minimise loss from potential attacks.