HR Jetpack

Best Practices

This video is premium content

Register or sign in to gain access.

Lesson:

Best Practices

Lesson Content

Preventing a data loss scenario begins with the obvious, yet frequently overlooked, statement that you shouldn’t engage in high risk behaviors on any device you wish to keep safe. In the case of the Black Friday attack I mentioned previously, the San Francisco Examiner exchanged emails with the contact address left by the attacker who alleged that the victim was random, not targeted. The attacker went on to claim that the user of an admin-level computer at the SFMTA downloaded an infected torrent file for a software key generator.

And the only reason you need a software key generator is if you are trying to make pirated software work. So it shouldn’t be surprising that someone who is using the dark corners of the web to engage in illegal activity like pirating software would fall victim to malware. As I have said throughout the course, security is a spectrum and the more aspects you take seriously and implement, the safer you will be. The same holds true for behaviors. The more careful and considerate you are to the consequences your actions online have, the better off you will be.

The tips that follow are a series of best practices which you should certainly take advantage of in your personal life. Professionally, they may be difficult to implement if your organization already manages your workplace devices. Even if they do, it is important to understand why some of those procedures are in place.

Number 1 is to keep updated. I have said it already, and will say again that out of date software and operating systems are a huge security risk. Any piece of software can have flaws or weaknesses but generally the most recent version will be the safest version.

Number 2 is another call-back to the global concepts section with a reminder to compartmentalize your activity. In the case of a breach, you want the attacker to get as little as possible. The less data stored on a device, or accessible through an account, the less you have to lose if it is compromised. For example, if you are traveling for a personal vacation, which work files do you really want to take with you on your laptop or tablet? In whatever you are doing, try to keep a risk assessment in the back of your mind to what your level of exposure you might have if your device were lost, stolen, or illicitly accessed.

Number 3 is to backup everything you do. It is something that people recognize as being important, but most don’t really have a plan in place that they trust will cover them. There are a lot of backup solutions to make things easy and automatic in many cases. On your personal devices you generally have 2 options: hard drives vs. cloud services. If you are going to backup your computer onto storage drives, make sure to keep those drives separate from the source device. One of the most common mistakes I see is people who store the device and the backup in the same place, such as putting the backup drive in a desk drawer above the PC. In the case of a fire, break-in, or other disaster you need to be sure that the backup can’t be compromised along with the source material. A safety deposit box, fire-proof home safe, or other protections like that are worthwhile. You may not know how to quantify it, but your data has a dollar value to you and to an attacker, and it deserves the same level of protection you would give to your financial well being.

Number 4 is that it is time to trust the Cloud. The idea of storing data on a server you can’t see, managed by a 3rd party company makes everyone uneasy. But the fact of the matter is that these modern tech giants are doing security far beyond what you and your organization could do for yourselves. Most companies are, or should be, in the process of reducing the footprint of their in-house data storage in favor of cloud-based solutions. I mentioned previously that cloud-backups are an option, and it is the one that works the best for most people. By this time, most people have restored a smartphone via cloud backup when upgrading to a new model or after breaking their previous one. The same methods can be applied to your PC. Choose a reputable company you can trust, and secure the account, but that backup should be as safe, if not more so, than going through the hassle of using physical storage drives. Going forward, more and more work will be done originally through Cloud services where you never even have any files stored locally on your devices, meaning you never have anything which can be compromised on the device, and nothing to back up.

Until then however, we need to protect our data so number 5 is to run vulnerability scans. Antivirus and anti-malware detection software is critical to making sure that your computer is free from malicious activity. Your organization hopefully has systems in place to do this for you already. On personal devices, I suggest using Windows Defender on Microsoft PCs rather than costly paid antivirus software. Unfortunately, many of the leading antivirus applications make your machine run very poorly while trying to bait you into paying for services you do not need. Regardless of what you choose to use, it is critical that you have systems running passively in the background all the time to monitor and protect. And while passive monitoring is critical, you also need to take advantage of the active features as well. If ever you download files from email attachments or websites, make sure to scan the file before opening. This is especially true for zipped folders or files with unrecognized extensions. In the vast majority of malware cases, the user’s actions, through files they downloaded or websites they visited, led directly to the infection. It is important to be vigilant to keep your system clean.

Number 6 is to turn off macros in Microsoft Office. Macros are a common way of adding programming functions to Office, allowing for powerful automation or other controls over your documents. While many people use them to speed up their workflow, they can be manipulated by attackers to run damaging attacks. A common method involves a trojan disguised as a common Microsoft Office file type, such as a doc or xls file. When the user opens the file in Office, the macros run a hidden script which loads the malware onto your computer. In some cases they install keyloggers to track your keystrokes, or give remote access to your machine to the attacker. This kind of attack is very common as a means of entry into modern businesses with a large office staff. Just send the same phishing email to everyone at a given company and hope that just a few will open it, with macros enabled on their system, and you are in.

Michael Wilson

Instructor:

Michael Wilson

Michael Wilson works with small businesses to build and protect their brands online. He is an IT Generalist whose primary services include: Web Design & Development, Cybersecurity Consulting & Training,...

Michael's Full Bio

HR Courses

Human Resources Training Programs

Self-paced HR Courses

The following HR courses are self-paced (asynchronous), and qualify for both SHRM and HRCI recertification credits. These courses are included in the HR Recertification Subscription.

Effective Disciplinary Action Policies and Procedures

Duration: 1 hr 1 min
SHRM: 1.0 PDC
HRCI: 1.0 General

Liz LaForte

Liz LaForte

RFP Process for HR

Duration: 1 hr 19 mins
SHRM: 1.25 PDC
HRCI: 1.25 General

Mark Fogel

Mark Fogel

Organizational Ethics for HR Managers

Duration: 1 hr 30 mins
SHRM: 1.5 PDC
HRCI: 1.5 General

Dawn Tedesco

Dawn Tedesco

HR as a Business Partner

Duration: 1 hr 5 min
SHRM: 1.0 PDC
HRCI: 1.0 Business

Scott Pitts

Scott Pitts

Blockchain for HR

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Michael Wilson

Michael Wilson

HR Strategic Planning

Duration: 1 hr 2 mins
SHRM: 1.0 PDC
HRCI: 1.0 Business

Hayley Buonopane

Hayley Buonopane

Employee Engagement & Retention

Duration: 1 hr 4 mins
SHRM: 1.0 PDC
HRCI: 1.0 General

Hayley Buonopane

Hayley Buonopane

HR Metrics That Matter

Duration: 1 hr 16 mins
SHRM: 1.25 PDC
HRCI: 1.25 Business

Christina Danforth

Christina Danforth

Finance for Absolute Beginners

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Anna Samorukova

Anna Samorukova

Change Management 101

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Hayley Buonopane

Hayley Buonopane

Labor Relations

Duration: 1 hr 42 mins
SHRM: 1.50 PDC
HRCI: 1.75 General

Matthew Kerzner

Matthew Kerzner

Diversity and Inclusion

Duration: 1 hr 25 mins
SHRM: 1.25 PDC
HRCI: 1.50 General

Christina Danforth

Christina Danforth

HR Analytics

Duration: 1 hr 31 mins
SHRM: 1.50 PDC
HRCI: 1.50 Business

Christina Danforth

Christina Danforth

Performance Management: Development & Deployment

Duration: 1 hr 18 mins
SHRM: 1.25 PDC
HRCI: 1.25 General

Christina Danforth

Christina Danforth

The Role Assessments Play in Talent Management

Duration: 2 hr 5 mins
SHRM: 2.0 PDC
HRCI: 2.0 General

Craig Haas

Craig Haas

AI for HR

Duration: 1 hr 3 mins
SHRM: 1.0 PDC
HRCI: 1.0 General

Michael Wilson

Michael Wilson

Compensation 101

Duration: 1 hr 8 mins
SHRM: 1.0 PDC
HRCI: 1.25 General

Pamela Sande

Pamela Sande

Effective Leadership Communications for HR Professionals

Duration: 2 hr 30 mins
SHRM: 2.5 PDC
HRCI: 2.5 General

Christina Danforth

Christina Danforth

Recruiting Strategies to Hire the Best Candidate

Duration: 1 hr 6 mins
SHRM: 1.0 PDC
HRCI: 1.0 General

Lois Krause

Lois Krause

Cybersecurity 101 for HR Pros

Duration: 1 hr 2 mins
SHRM: 1.0 PDC
HRCI: 1.0 General

Michael Wilson

Michael Wilson

EQ Competence: Fostering a Talent Advantage that Drives Organizational Performance

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Craig Haas

Craig Haas

Thinking Lean

Duration: 1 hr 8 mins
SHRM: 1.0 PDC
HRCI: 1.25 Business

Christina Danforth

Christina Danforth

Coaching for HR Professionals

Duration: 1 hr 2 mins
SHRM: 1.0 PDC
HRCI: 1.0 General

Stacey Zackin

Stacey Zackin

The Employment Cycle

Duration: 1 hr 45 mins
SHRM: 1.75 PDC
HRCI: 1.75 General

Christina Danforth

Christina Danforth

Behavioral and Situational Interviewing

Duration: 1 hr 8 mins
SHRM: 1.0 PDC
HRCI: 1.25 General

Stephanie Legatos

Stephanie Legatos

Dynamic Dialogues

Duration: 1 hr 10 mins
SHRM: 1.0 PDC
HRCI: 1.25 General

Stacey Zackin

Stacey Zackin

Employment Law 101

Duration: 3 hr 11 mins
SHRM: 3.0 PDC
HRCI: 3.25 General

Mark Addington

Mark Addington

Thrown to the Wolves: Preparing Your New Leaders to Lead the Pack

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Karen Hinds

Karen Hinds

Introduction to Organizational Development

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Hayley Buonopane

Hayley Buonopane

Practical Meeting Preparation: Getting Ready for a Productive Meeting

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christine Gatti

Christine Gatti

Succession Planning: Build Your Bench

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Hayley Buonopane

Hayley Buonopane

Practices for Hiring Successfully

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Hayley Buonopane

Hayley Buonopane

Team Development: Building Collaboration & Effectiveness

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christine Gatti

Christine Gatti

Leading and Managing the Need for Both

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Hayley Buonopane

Hayley Buonopane

Coaching: Guiding the Management Team

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Hayley Buonopane

Hayley Buonopane

Being A Change Agent

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Hayley Buonopane

Hayley Buonopane

Leading a Multigenerational Team

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Karen Hinds

Karen Hinds

Multi-Generational Workforce: Problem or Competitive Advantage?

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christine Gatti

Christine Gatti

Virtual Reality: The Future of HR

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christina Danforth

Christina Danforth

Unconscious Bias: Impact on Recruitment and Retention

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christina Danforth

Christina Danforth

Business Fundamentals for HR Pros

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Jack Antonich

Jack Antonich

Influence and Communications as an HR Pro

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Stacey Zackin

Stacey Zackin

Value Based Decision Making for HR Pros

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Stacey Zackin

Stacey Zackin

Strategic Planning to Support HR Initiatives

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Dr. Deborah Osgood

Dr. Deborah Osgood

Meet in the Middle: Best Methods for Conflict Management

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christine Gatti

Christine Gatti

Economics for HR Professionals

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Jack Antonich

Jack Antonich

Business Plans: Why HR Pros Should Care

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Jack Antonich

Jack Antonich

Emotional Intelligence: What is it and Why Does it Matter

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christine Gatti

Christine Gatti

Marketing/Selling Continuum (From Idea to Revenue)

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Jack Antonich

Jack Antonich

Diversity Equity & Inclusion The Lens We Wear

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Stacey Zackin

Stacey Zackin

Welcome! What HR can Learn from the Field of Hospitality

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Stacey Zackin

Stacey Zackin

Accounting and Financial Reporting for HR Pros

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Jack Antonich

Jack Antonich

How HR Can Establish & Influence a Culture Of Hospitality

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Stacey Zackin

Stacey Zackin

Raising Capital (Who, What, When, Where, Why & How)

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 Business

Jack Antonich

Jack Antonich

Cultural Competence: Fostering Diversity Equity & Inclusion

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Stacey Zackin

Stacey Zackin

DiSC Communication Styles: What are They & How They can Help You

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christine Gatti

Christine Gatti

Effective Meeting Facilitation for HR Pros

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christine Gatti

Christine Gatti

Best Practices in Providing Effective Performance Feedback

Duration: 1 hr
SHRM: 1.0 PDC
HRCI: 1.0 General

Christine Gatti

Christine Gatti