Tips on Being Cyber Safe While Using a Document Management System
By Hellen Lubanga
We have gotten to a point in the workforce where our jobs are performed entirely online. Whether the change has been a welcome or nuisance depends on an individual. However, if you ask around, you will find that due to our work processes becoming digitized, more and more people are pointing out that there has been a noticeable increase in phishing and spam emails, fraud, impersonation, cyber-attacks, and other digital-related scams and crimes.
Here are a few tips and tricks to help protect you as you navigate your DMS software.
1. Keep your usernames and passwords strong and secure.
People have the habit of using the same password for everything since it is easier to remember one password as opposed to multiple passwords. However, this isn’t advisable as all it takes is one person to access all your accounts when they discover your preferred password. Document management systems are no different as they tend to have password-protected access and various internal features to manage employee access to certain information.
The threat is not always external, but internal as well. Departments such as human resources tend to store extremely sensitive information about company employees, so any information leak would result in devastating effects. To protect yourself and your entire team from software hacks, always use strong, secure usernames and passwords, and remember to alter them frequently.
2. Only use secure WIFI networks to connect to the Internet.
When using a publicly accessible network, any device on the same network can connect to that network. They can use that same network to access the data on your device without you even noticing. Seeing that you do need the internet to access your company’s network, you can either run the software on trusted networks or invest in a VPN (Virtual Private Network), which establishes a secure, encrypted connection between your computer and the internet, providing a private tunnel for your data and communications while you use public networks. As an extra precaution, a company can opt for enterprise VPN packages to protect their staff and software as an extra precaution.
3. Authenticate identities before releasing any information.
Before disclosing your information to anybody, always make it a habit to verify the identity of the other person on the other end. Impersonation is one of the most common types of fraud, so never disclose any information to another party until you have verified without any doubt that they are in fact who they claim to be. Any genuine individual would not hesitate to provide proof of their identity.
4. Be careful with URLs shared with you.
Always double-check website URLs. Hackers have found ways over time to develop phony website URLs that mimic those of websites you regularly use and trust, such as your healthcare provider, bank, or other providers, in terms of both the URL and homepage. To avoid falling prey to this, instead of clicking on the URL shared with you, type the URL manually into your search engine. Furthermore, ensure that the UR of the site you’re visiting begins with HTTPS; these sites are more secure than those that begin with HTTP without the S at the end.
There are various things you can do if you feel you’ve received a questionable email.
- Make sure the URL is correct. It will contain ‘https’ at the beginning of the web URL if it is encrypted.
- Make sure there are no grammatical or spelling errors. These might indicate that the email is not from a legitimate company.
- Do not open any attachments or click on any links until you get confirmation from the person labeled as the sender.
- Remove the email from your inbox and blacklist the sender.
- In your email settings, turn on the spam filter
1. Keep management in the loop.
If you notice any suspicious activity or security loopholes anywhere in the document management system software, speak up. The best people to approach are top-level management, as they are more likely to provide a solution and less likely to be security risks themselves. It is their organization, so chances are a data leak would be a cause for concern and be acted on quickly.
2. Request a multifactor authentication feature to be included in the DMS
With multifactor authentication (also known as two-factor authentication), you must provide more information before accessing or using your account. For example, a code you are meant to type can be sent to your mobile or email to verify that it is you logging in before you are granted entry. Without this supplementary piece of information, you will be denied access to your account.
3. Use password managers when sharing private credentials.
If you need to send or receive log-in information to a remote colleague, the safest way to do so is by using a business password management platform rather than sending an email or text message. These password managers allow users to store passwords in a secure, encrypted vault where they can also be shared with other colleagues or departments.
4. Backup your data
It is important to always back up any data that is essential for business operations. Viruses and ransomware such as Trojans can encrypt, steal, or delete data. So, in the event of stolen or lost data, you can quickly retrieve your data from backed-up sources, which will allow you to keep running your business without too much downtime or disturbance. It is also beneficial to remember that backups should be secure and restricted so only designated employees can access them.
- Install security software updates.
Document management companies sometimes offer security feature updates to patch up any flaws within the system so as to fend off newer cyber-based attacks or threats. This is why it is essential that you keep your document management system security features up-to-date. This means no more ignoring update prompts, as these updates are legitimately there to protect you, your data, and that of your company.