Tag Archives: Boutiqueit

  • -

Protecting Your IT Access & Information

Tags : 

We came across this article this morning. Unfortunately, this is the Norm and NOT just a one off. We run across this frequently.  https://fox8.com/2019/08/31/it-worker-accused-of-shutting-down-company-website-blocking-email-after-learning-of-termination/

Whether it be changing from an “in-house” IT department to Outsourced IT services or vice versa, This sort of thing is happening daily. This article just happens to hit many who will read it literally “close to home”.

Your IT information is yours and you should have it. You should have all passwords and login credentials for your company’s data including websites, CRM, software, servers, every laptop and desktop.

Here is some “low hanging fruit” to help protect yourself and your company from this in the future.

I KNOW you don’t want this information, but you need it.

ADMIN rights should be in duplicate and verified in case of emergency. Think of your checking account, you have two signatures on it in case your spouse becomes unavailable. Same idea here!

Redundancy is key, IF your IT person gets hit by a beer truck tomorrow who has the keys to the kingdom? Small and large companies alike are using outsource IT services because you have multiple users who can work on your system with hesitation. No one failure point.

Freedom – Having your credentials allows you the freedom of NOT being tethered to one single provider or in the article’s case a disgruntled employee. Asking your IT service provider for your credentials after you work with them sends them a signal you are looking for other venders. Whether you are looking or not. If you get this info in the beginning and maintain it thought out your contract you can explore options at any point.

Protocols – Do you have protocols in place for your hiring and termination of employees and the company’s data? Most have a HR handbook that covers fighting and drug use, but is your handbook up to date on data protection?

Lastly, Ohio has new cyber legislation on the books now. CIS controls is also a great place to look for best practices.

  • -

The partnership between your people, your tech, and your business.

Tags : 

Sometimes the relationship between the human resources of a business and its technology gets over looked. As a friendly reminder, here are some of the trappings of the partnership between your people, your tech, and your business.

  • Personal files of employees are now kept on computers instead of a locked filing cabinet. And these files need to be under electronic lock and key. That means encrypted and password protected.
  • Each employee should have their own user name and password to log into the workstation they are using.
  • Networks should be segmented and general policies should be set so that Sally in shipping does not have access to Jeff in accounting’s files. Or Tom in maintenance can’t access Frank in HR files for employees. (see your Network admin to make sure these are set)
  • When an employee leaves or is terminated make sure you contact your Network admins to ensure that all passwords are changed and access to the network is no long possible.
  • Ensure that employees using social media as a part of their job description are set up properly. Meaning after they leave they can be removed from the account without disruption of the account.
  • Security access to buildings and properties. Removal of passwords, keys, swipe cards, badges etc.
  • Vendor accounts should be contacted prior to the employee’s termination/resignation and a date set as to last access to the vendor(s).
  • Phones and laptops should have layers of protection when set up. Employees using company devices should not have administrative rights on devices. Only user rights. This ensures that information cannot be wiped from the device without your permission. It also ensures that improper software cannot be installed on device without the company’s permission.
  • Plan out who and what. As part of the employee’s role in implementation a website or social media page. Be careful as to who has ADMIN rights and what content is being broadcast. When creating accounts make sure how the account is set up (what email address communication is being sent to. Who is the primary contact? Registering a website can be painful to transfer ownership if someone has left the company and used their name to register the site)

It is easy to overlook some of the nuances that happen in the life of a business. People come and go. New technologies become available. New ideas spring to life and people are needed to implement those ideas. Always keep in mind that as you move forward with your business technology, if not done in a well thought out manner, you may try to take a step forward only to be held back by poor decision of the past.



Sign up for the BITS & BYTES Newsletter Today