Ever since the big annual John Lewis ad hit our TV screens, businesses across the UK have been counting down the days until the Christmas break. Most companies, apart from those in the retail sector, slow down at this time of the year, and are thus able to take a well-deserved rest, leaving the office behind for a week or so of frenzied last-minute shopping, family gatherings, and a bit of indulgence. But how do you prepare your business for this time off? How do you ensure your business is safe while you and your staff are off enjoying themselves? Here’s a few steps to take to make sure you can rest easy and enjoy the Christmas break.
Have a Plan
While we all may wish for a white Christmas, your business software and hardware may not share the sentiment. Harsh weather conditions can result in power failures, which in turn can affect your servers and IT cooling systems, so have a disaster recovery plan, and a business continuity plan, in place, and make sure you have backed up all of your data to avoid losing it.
Move Data Off-Site
If nobody from your IT team will be at the office over Christmas, that means hackers and other cyber criminals have around a week to try to get into your system and relieve you of sensitive data. If you don’t have it stored on your server, however, they can’t get at it. Move your data to an online server or secure cloud hosting service.
Protect Against a Nightmare Before Christmas
Your staff are the first line of defence (and vulnerability) when it comes to malware and ransomware, so make sure they are educated on the dangers of opening dodgy or unfamiliar emails. At this time of year, those enchanting, heartstring-pulling yuletide videos or appeals can be alluring, but if there is no need to open them on a work device, or a remote device used for work purposes, staff should know to stay away.
Update passwords
Make it company policy for all staff to change their password to a significantly more complex one before they leave for the holidays. They can always change it again on their return, but while there is nobody around to notice funny business going on in your IT systems, it is a good idea to make it as hard as possible for hackers to guess their way into your business. And don’t let anyone use seasonal passwords. They are the festive equivalent of using the name of your pet that is clearly visible on your desk in your social media profile picture.
Encrypt everything
Leaving your business data, devices and hardware for a week means you need to make it as secure as possible, so before you take off, encrypt all of your data on-site, as well as all devices, to ensure data protection. Bear in mind that if you have a Bring Your Own Device policy in place, staff may be using theirs at home over the holidays, so if they are likely to check in on business matters, or have the potential to, they need to be encrypted too.
Implement security alerts
While there may be nobody in the office to notice a security breach or suspicious activity, you can still have a level of protection in the form of security alerts that act as a virtual lookout, and can initiate mitigation actions to prevent the loss or leak of your data, or penetration into your IT infrastructure. This can include automatic shutdowns or added security if there are repeated attempts to access data. You and your IT team may not welcome an alert that requires taking action over Christmas, but it will be better than returning to a full-blown IT disaster.
Use an external IT service
Your security alerts can play a big role in keeping your business safe while your team is off, but a virtual CIO or an outsourced IT support desk means you can not only have dedicated personnel monitor your systems to notice suspicious activity, but also act on it, so you don’t have to.
Add extra layers
Your IT security isn’t one single line of defence, but many, built into your systems to protect them at every level. Perform a security audit to make sure your firewalls are up to scratch, run a business IT health check, and install an Intrusion Prevention System, and strong access controls so that only a select few can log into the business over the Christmas period.
Implementing strong IT security measures to protect your data and your IT systems is of course not just for Christmas. With the impending GDPR legislation set to come into effect in May 2018, your business will need to have a high level of security to meet compliance standards, and the above best practices can be a starting point that will ensure you don’t face big fines next year. If you are unlikely to be able to do this on your own, hiring a certified GDPR practitioner to guide you on what you need to do is a very good idea.
For now, though, putting these security measures in place will help you to avoid giving cyber criminals a gift they can’t refuse, and give you peace of mind while you take a well-deserved break and enjoy a very Merry Christmas.
Find out how secure your business is from online threats by downloading our IT Security Checklist:
