There are a lot of ways you can be harmed when mixing technology:
· Malware which can slow your computer and leak personal information
· Viruses which can crash systems and networks thus preventing you from working
· Physical theft which… well, is theft and leaves you out of luck
· Identity theft which can turn your life upside down due to malicious activities
Needless to say – you’ll want to protect your digital & physical assets through a combination of active and retroactive actions. Active in the sense you set up deterrents for would-be attackers and retroactive to handle the situation if/when it happens.
The first thing you really should do is to create a security procedure and policy. You need to be aware of the attacks that are happening whether it’s a new virus or a traditional phishing technique. Procedure and policy should be in place so that information isn’t leaked to non-authorized individuals in the real world and so that it is protected from prying eyes in the digital.
The second thing you should absolutely do is to back up your data through secured means. To do this I would recommend saving your files to a physical Secure USB flash drive, which uses encryption and an actual pin-pad to lock the device. Once the physical is done you will want to backup that data to the cloud so it’s off-site (which helps to deal with physical threats and damage).
The third thing to be doing is regular updates to your operating systems (make sure to install those suggested security updates). Yes, updating takes time especially when doing it to multiple systems but the patches are created to prevent the common attacks. A small deterrence is often enough to stop individuals from attacking you and have them moving to their next target. Besides the base patches to the OS you should certainly do regular updates to malware/anti-virus software and have those run on regular intervals to check the system and files.
The final thing that’s going on this base list is that you should always take the time to change security information (i.e. passwords). Passwords, although it’s a pain, should be changed frequently (aim for at least every quarter), not be easily shared, written down in plain sight, or be paired with easily accessible information that can be found on social profiles. Other areas in this regard means security permissions for people accessing internal resources (admin, user, etc), and separation of work and private emails.
Much of cyber security comes down to what you’d expect in normal workplace security: pay attention, don’t take risks, and stay educated. Attacks are often done to those that are out-of-the-loop in the techniques or have their defenses down – stay aware and have systems in place if you’d like to ward off and handle nearly any attack.