California Consumer Privacy Act (CCPA) Checklist
Access to dataControl who has access to your data by creating individual credentials that help provide an identifiable record of when and who is accessing your data.
Use Multi-Factor AuthenticationMulti-Factor Authentication (MFA) adds another layer of security to all accounts. This prevents a brute-force attack on weak passwords and can tip you off that someone is trying to get into your account.
Keep your computers up to dateManaged updates and alerts for unpatched workstations can help prevent most of the ransomware and viruses that strike.
Don’t store passwords in plain textIt’s bad enough you’re reusing that old password from when you first got a computer. What’s worse is to have it saved as a contact or excel sheet.
Use a password appClearly we’ve exceeded our cognitive ability to remember all of the passwords in our world. Free up some brain space, use a password app like PasswordBoss or 1Password to create unique passwords for every single site.
Encrypt Encrypt EncryptYour computers should be using BitLocker (win) or FileVault (Mac) to secure the data living on your hard drive.
Secure messagingEmail is still the easiest way to send folks a message. Employ end to end encryption so that your messages containing sensitive data like birthdays, social security numbers and even phone numbers are protected from prying eyes.
Create a secure connection to the internetUsing firewalls, VPN and DNS filtering apps like Webroot can help prevent others from viewing your web activity or worse, influencing the sites you visit.
Manage and monitor your networkSegmenting your network helps keep guests and others from getting to secure assets on your network. Our Unifi solution of wireless and network equipment help provide controlled access to your network.
Backup and TestBackups should encompass on-site, cloud and air-gapped copies of your data. Your onsite backup up could be a NAS drive, whilst other copies go to cloud storage. Finally, TEST YOUR BACKUPS
Promote AwarenessTrain your employees with phishing tests that look like legitimate emails. Make sure they can spot a fake or at least know not to follow those links.