Risk and Controls
We recommend that all customers run risk assessments and control evaluations periodically.
Update your software
This includes your apps, web browsers, and operating systems. Set updates to happen automatically.
Encrypt devices and other media that contain sensitive personal information. This includes laptops, tablets, smartphones, removable drives, backup tapes, and cloud storage solutions.
Secure your files
Back up important files offline, on an external hard drive, or in the cloud. Make sure you store your paper files securely, too.
Use multi-factor authentication
Require multi-factor authentication to access areas of your network with sensitive information. This requires additional steps beyond logging in with a password — like a temporary code on a smartphone or a key that’s inserted into a computer.
Use passwords for all laptops, tablets, and smartphones. Don’t leave these devices unattended in public places.
Secure your router
Change the default name and password, turn off remote management, and log out as the administrator once the router is set up. Make sure your router offers WPA2 or WPA3 encryption, and that it’s turned on. Encryption protects information sent over your network so it can’t be read by outsiders.