Cyber-criminality continues to wreak havoc and hackers strive to trick internet users and businesses.
According to a survey carried out by the CESIN (Club of Experts in Data and Security Information) in November and December of 2018, 8 companies in 10 were affected by cyberattacks. Phishing mails are the most frequent form of cyber-attack.
According to 98% of companies interviewed, the digital transformation has impacted their security systems and their data. Cloud storage is used by 87% of companies (of which 52% are in the public cloud), which exposes companies to various risks such as enabling host administrators to access data and the potential loss of control over the host’s outsourcing chain and as well as the non-erasure of data.
Given these risks, how can you ensure the protection of your projects when the threat of cybercrime is ever present?
Here are 9 tips that every project leader should take on board to better protect their project data.
1. Create an impenetrable password
One of the first measures you should implement is a strong password that is virtually impossible to crack.
According to Microsoft, to create a good password, you should avoid using personal data such as your birth date or your name as well series of letters or numbers (like abcdef or 1234567). Make sure you also avoid using the same password everywhere.
A strong password should contain at least 8 characters and be a combination of numbers, symbols or special characters as well as lowercase and uppercase letters. Finally, you should change it regularly, at least every 3 months.
2. Install antivirus software and a fire-wall
It’s obvious: to protect your system, you should invest in antivirus software and an effective fire-wall.
Free antivirus software only offers you basic features. If you process a large quantity of data, it is important to install premium antivirus software so that your data security is infallible. Your data as well as your reputation to clients is at stake.
A quick reminder: antivirus software protects you from internal and external malware attacks while a firewall monitors and filters incoming traffic, especially from the internet, to protect your network from intrusions.
3. Back-up your data regularly
Everyone has experienced this at least once: you have been working on a Word document for an hour when your computer shuts down without warning. After that, you start saving the document after writing every new sentence.
The same thing can happen with data. Regularly back up your data on hard drives or on the cloud, in order to rapidly restore your data in case of a ransomware attack. There are multiple different cloud solutions available to you online to host your data.
4. Regularly update your software
Software producers regularly update their software, to improve their products and to strengthen them against cyberattacks. They also remove bugs that allow hackers to infiltrate the system.
Hence the importance of regularly carrying out official software updates. Most of the time these updates are automatic.
Keep in mind that without the software, your company and your projects are vulnerable to cyberattacks.
5. Use end to end encryption
Currently, end to end encryption is the most secure method of encrypting your data. This system allows you to encrypt the contents of your files and your messages so that they are only accessible to authorised persons. Even intermediaries such as internet providers or messaging services cannot access the information.
The difference between traditional encryption systems and end to end encryption is that two keys are used, one to encrypt and the other to decrypt the code. This is called public key cryptography and guarantees the maximum security of your data.
6. Secure your Wifi network
Today, it is rare for companies not to use Wifi, but did you know that wireless networks are more vulnerable to cyberattacks than non-wireless networks?
You should secure your Wifi network by encrypting it with a numerical key so that only authorised individuals are able to access it. To do so, use the WPA system of encrypting and particularly WPA2 (an even more secure version). In addition to encrypting your data, this protocol authenticates users, by setting access rights in advance through an authentication server.
7. Protect your mobile devices
Other than computers, smartphones and tablets are the most used devices in our daily life. The practical advantages are undeniable however they are easily stolen or lost. Ensuring their data security is therefore paramount.
There are several ways to secure your mobile applications:
- Double authentication,
- Remote data erasure,
- Data encryption,
- Regular password changes.
8. Monitor for unusual activity
Hackers are cunning and regularly find loopholes to get into the system. Often, companies realise too late that their data has been compromised.
To avoid bad surprises, keep an eye out for unusual activity. As project leader, regularly monitor your indicators or assign this task to one of your team members and implement an action plan in the event of an attack.
9. Work with stakeholders in compliance with GDPR
The general regulation on the protection of data (GDPR) is a European regulation which holds companies accountable for the protection of the personal data of European citizens.
Since the 25th May 2018, companies that are no longer in conformity with GDPR put the personal data of their clients at risk and face tough sanctions. In France the CNIL supports companies in their efforts to comply with the regulation. It is also the organisation that controls and sanctions companies if they are found to be non-compliant. It is very important to work with providers to comply with GDPR.
10. Train your employees
This stage is often neglected; however, it is essential. Your collaborators should be aware of the dangers of cybercrime, the types of cyberattacks and their consequences.
You should make your collaborators aware of threats, the correct security protocols as well as good habits to get into and which behaviour to avoid (do not open an email, click on a link or download an attachment from an unknown sender, do not share your password, etc.) to ensure your company’s security and to protect the data of your projects.
To manage your projects without concern for the security of your data, place your confidence in Wimi Armoured, a secure platform that allows you to efficiently manage your more sensitive projects without compromising the security, the confidentiality and the sovereignty of your data.