Lock It

Protect the information that you keep.

• Put documents and other materials containing personally identifiable information in a locked room or file cabinet.
• Remind employees to put files away, log off their computers, and lock their file cabinets and office doors at the end of the day.
• Implement appropriate access controls for your building.
• Encrypt sensitive information if you must send it over public networks.
• Regularly run up-to-date anti-virus and anti-spyware programs on individual computers.
• Require employees to use strong passwords.
• Caution employees against transmitting personal information via e-mail.
• Create security policies for laptops used both within your office, and while traveling.
• Use a firewall to protect your computers and your network.
• Set “access controls” to allow only trusted employees with a legitimate business need to access the network.
• Monitor incoming Internet traffic for signs of security breaches.
• Check references and do background checks before hiring employees who will have access to sensitive data.
• Create procedures to ensure workers who leave your organization no longer have access to sensitive information.
• Educate employees about how to avoid phishing and phone pretexting scams.