Softlink IC Blog

Subscribe to our regular updates

Are You Committing One or More of These Top 5 Security Sins?

Image of curcuit board and padlock

For Knowledge and IT Staff, ensuring the security of the operating systems they use and the data they manage is their most important responsibility. From their organization’s operating systems to software like library management systems (LMS), they are all about protecting user privacy and the organization’s data.

Despite the best intentions, security gaps can result. No one is perfect and we all need help sometimes. With that in mind, Softlink IC would like to share with you what we believe are the 5 top possible security sins that could be committed!

1. Not Updating Your Software

New ways to breach security walls are increasingly inventive, and software vendors are always adding new protections. Have you been guilty of not updating your software whenever you receive update notifications?

Updating operating systems such as Windows, mobile devices, and even your browser, is essential. It is just as important to update other software used in your organizations, such as library management systems, to ensure your environment is as safe as possible.

Updates include enhancements and often include “fixes” for issues identified as a threat to your data and operating systems. They are easy to run and essential in protecting your organization from a range of attacks that can cause inconvenience, or worse, devastating loss of data.

If you use a hosting service, managing updates is taken care of automatically! For example, libraries and knowledge centres using the Liberty LMS and have contracted Softlink IC to host their system are reassured updates to Liberty are done promptly without interruption to service.

2. Not Securing Sensitive Information

Do you manage sensitive data and information? Have you ever put any information you care about in a site that isn’t marked as secure? A secure website is one that includes a padlock icon in the browser’s address. It indicates the data is encrypted.

Encryption protects data from bad actors while enabling remote access to your organization’s sensitive information by authorized users on their mobile devices. Click here for more information on encryption.

If the site doesn’t show the padlock, it’s really easy for an attacker to see everything that is sent between you and the site. Always check for the padlock!

3. Not Guarding Against Phishing

Are you on your guard for phishing emails and messages from bad actors who want you to interact or complete an action?

These types of emails and messages are not uncommon and increasingly, senders are very clever. They often use the name of a person or organization that at a brief glance, appears to be from someone you know or trust!

If you receive what appears to be a phishing email from unknown/untrusted senders:

  • Forward them to your IT Department or, if it is your organization’s policy, delete them immediately to prevent the possibility of inadvertently clicking a link.
  • Never open attachments or follow links. Those links don’t always take you where they say they will, and opening attachments can unleash a bad genie!

4. Not Backing up Data Regularly

Knowledge professionals are always collecting, curating, and storing data and resources. Do you back up regularly?  Not backing up your data regularly is one of the most common security sins, and may result in the loss of years of data if disaster strikes!

Attacks like ransomware are about preventing you from accessing your data. A good backup strategy ensures you will always have a safe copy. It enables you to restore most data in the event of a disaster.

Your mantra should be backup, backup, backup!

5. No Strong Password Policy

A strong password policy is essential. Do you:

  • Make passwords complex?
  • Ensure staff change their passwords on a regular basis?
  • Send them reminders when their password is about to expire with a link to change it?

Make managing password changes easier by using Single Sign On (SSO). Library Management Systems like Liberty have an SSO module that can be included with their LMS. This makes managing password security so much simpler. It means your users only need one password to log in and access your organization’s various software systems. Also, it makes managing passwords, simple, easy but no less secure!

Most of us have implemented policies that are developed to protect business operations and data. It is also true that sometimes tasks slip through the cracks, and policies are not revisited as often as we’d like. It never hurts to double check that the 5 security sins we have identified, are not evidenced in your organization. And please, if you have any questions, just contact us.

0 Comments