Here’s a best practice checklist to make sure you’re taking all the necessary precautions to protect your business and keep your data safe in the cloud.

Use a password manager

With multiple tools come multiple passwords. The choice for today’s office workers may seem to be between weak passwords that are easy to remember (“password” or “1234567” is always in the Top 10 when the results of the latest data breach are posted) and strong passwords that are hard to remember.

Instead of trying to come up with better passwords yourself, try implementing a password manager like 1Password or LastPass. This makes it possible to use a different strong password for each of your online services, while only having to remember a single master password. These managers keep your passwords encrypted and locked away from unauthorized eyes. However, your password manager will only be as strong as the master password you choose, so test potential passwords on a website like howsecureismypassword.net to see how easy it would be for a computer to crack them.

Embrace two-factor authentication

It has become common for online services to implement “multi-factor” authentication (MFA). In fact, if you don’t have it enabled, you should. MFA tools send a unique code via SMS text message or use an authentication app on your mobile device.

If you have the option to choose between an SMS text message and an authentication app, go with the app. First, many authentication apps are not tied to a single device, giving you access to the MFA code even if your phone is not nearby. Second, it is possible for hackers to steal your cell phone number and access any MFA code that is sent to you via text message.

Adopt the principle of least privilege

As a business expands its online presence, it is common for multiple people in the organization to have access to the online tools necessary to run their business. The principle of least privilege means that only people who really need the tools to do their jobs should have access to them. For example, your finance team probably doesn’t need access to your code repository, and your development team probably shouldn’t have access to sensitive financial data.

Some tools offer “temporary leave” features, which give an employee outside of the core team access for a limited time to complete a task. This can ensure that the business does not slow down while offering improved data protection.
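As an added illustration (not part of the original checklist), here is a small access review in Python that applies both ideas above: it flags standing access that falls outside a team's job and time-limited access that has already lapsed. The team names, resource names, users and grant records are constructed for the example.

```python
from datetime import datetime, timezone

# Constructed policy (assumption): the resources each team needs for its job.
ROLE_NEEDS = {
    "finance": {"accounting", "payroll"},
    "development": {"code-repo", "ci"},
}

# Constructed grant records: (user, team, resource, expiry or None if permanent).
GRANTS = [
    ("ana", "finance", "accounting", None),
    ("ana", "finance", "code-repo", None),           # finance does not need the repo
    ("ben", "development", "code-repo", None),
    ("ben", "development", "payroll", "2024-03-01T00:00:00+00:00"),    # temporary
    ("cy", "development", "accounting", "2024-06-01T00:00:00+00:00"),  # temporary
]

def review_grants(grants, role_needs, now):
    """Return (user, resource, reason) for each grant that breaks least privilege."""
    findings = []
    for user, team, resource, expires in grants:
        if resource in role_needs.get(team, set()):
            continue  # access is part of the job
        if expires is None:
            findings.append((user, resource, "standing access outside role"))
        elif datetime.fromisoformat(expires) <= now:
            findings.append((user, resource, "temporary access expired"))
        # Unexpired temporary access outside the role is allowed until it lapses.
    return findings

if __name__ == "__main__":
    review_date = datetime(2024, 4, 1, tzinfo=timezone.utc)
    for user, resource, reason in review_grants(GRANTS, ROLE_NEEDS, review_date):
        print(f"{user}: {resource}: {reason}")
```

Running a review like this on a schedule catches temporary grants that were never revoked after the task was done.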

Access control for third-party applications

It is vital to understand how much access third-party applications have to your data. Some applications request authorization to manipulate or even delete your data when it is not necessary. As a business, you should read the terms and conditions carefully to assess the level of risk your business could be exposed to.

Reports from industry analysts like Gartner and Forrester, along with reviews from software evaluation portals like GetApp, G2 Crowd, and Capterra, can often be helpful when evaluating a vendor’s reputation and reliability.

Vetting applications can be a long but necessary process. We’ve made it a little easier for you with our simple guide to choosing only the best apps for your business.

Arm yourself with knowledge

Employees who work from home tend to be more vulnerable to phishing attacks, malicious software, and other data security threats. It can be difficult for remote workers to stay focused amid non-work-related distractions at home, making it easy to click on a suspicious link. Additionally, working from home is typically done using standard residential network equipment that is less robust and easier to breach than the commercial firewalls found in most offices.

The first step is to educate yourself and your team on how to avoid different phishing attacks. Here is what to do:
  • Verify suspicious emails and text messages with the sender by sending a new email or picking up the phone and giving them a call.
  • Ignore and delete unsolicited emails or text messages from outsiders.
  • Do not open or click suspicious documents or links in email or text. Always check with the sender on a different channel before taking action.
  • Be suspicious and always stay alert when you receive unsolicited instructions by email. If you are not sure, it is better to leave it alone.