Top Menu

Security Checklist: Protect Your Devices and Network From Malware and Viruses

  • Assign a password to every PC and device your company owns
  • Set up PCs so they lock and require a password when an employee walks away from his/her work station
  • Change passwords at least quarterly
  • Set up an encrypted system if login and password information needs to be shared—never use regular e-mail
  • Procure and install anti-virus and malware detection software on each company device
  • Set up regular monitoring and alerts
  • Follow reliable sources for news on newly discovered Trojans, spyware, and viruses and how to recognize and avoid them
  • Update software as soon as bug fixes and patches become available
  • Encrypt your data during regularly scheduled backups
  • Store both your on-site and your off-site data in a secure location
  • Establish policies and insert them in the employee handbook.
    Consider:
[/unordered_list]
  • A PC will lock after 1 minute of idle time and require a password to unlock
  • Your company only hires the brightest and the best so expect NOT to find passwords anywhere, especially in the desk drawer or box of paper clips, under the keyboard, mouse, or desk chair; on the bulletin board, etc.
  • Passwords must be updated every 90 days and must include at least 1 number and 1 special character
  • Sharing of passwords and other encrypted, proprietary, or sensitive information are grounds for immediate dismissal
  • Every e-mail will have a subject OR it should be treated as spam and be deleted without opening and without clicking any links
  • The following sites are off-limits on company time and equipment: ___________ (either list specific sites or classes of sites like “those that have nothing to do with your job” or social media, videos, sites ending in certain country codes, etc.)
  • Good judgment will be expected from all employees—don’t click on links just because you recognize the sender’s name
  • Hired help from outside of the company needs special permission to have access to login and password information—don’t just trust someone who says they are troubleshooting for Apple, Dell, or Microsoft