Think about a medieval castle. A moat surrounds high walls, protected by soldiers behind battlements. There is likely a drawbridge and a portcullis, and slitted windows for archers. These layers of defences keep the castle safer than if the inhabitants rely on only one strategy for defence.
Your computer is no different.
A password-protected computer, for example, may be compromised if you share the password. But if your data is also encrypted, a potential breach can be averted. Like a moat and a portcullis, layers of protection help to make your computer defences stronger.
Here are some hints to ensure your computer system is well-defended:
- Purchase business-grade computers. Manufacturers embed additional security features into commercial-grade equipment.
- If you use multiple operating systems, like Apple mobile devices and Windows-based desktop computers, you need to address another layer of security. Good policies and default settings for one system may not apply to the other. Here is an article about the importance of layers of safeguards when using multiple systems.
- Create unique user accounts. Make it easy for multiple users to switch users on the same computer instead of sharing passwords.
- Users should have access to data on a ‘need to know' basis. If your computer network uses shared access to files, decide who needs access (and who does not) to each type of file. For example, everyone should have access to the policy and procedure manuals and forms, but only a few people need access to payroll information.
- Set permission levels for folders with sensitive information.
- Review and update the security settings on your wireless router – and change the WiFi password.
The Privacy Commissioners of Alberta, BC, and Canada have jointly published a checklist that you can use to assess your computer systems security (page 13). See “Securing Personal Information: A Self-Assessment Tool for Organizations”.
- Position computers so that the screens can only be seen by the authorized user.
- Ensure that the computers have a unique user log-in, passwords, and automatic lock-out when not used for a period of time.
- Ensure that computers (and mobile devices) have anti-virus software that is updated regularly.
Share Privacy Challenge #6!