Maintaining high levels of security is of upmost importance for the financial sector as they must protect their client’s details. Threats to document security can include:
Some of the main concerns include security breaches, unstructured data, unsecured files, human failure and unauthorized access to storage. All these mean that you could be risking client data, customer databases, financial details or even current deals.
We work a lot with financial services companies where regulation, security and compliance levels are extremely high. Hence, we have strong security tools and policies to comply with their standards.
At UpSlide, we benefit from our Microsoft Gold Partnership to access powerful security software and we develop integrated features to safely manage corporate documents.
It is more important than ever for clients to trust your company. As more customers are demanding that their suppliers are secure, this is becoming a business necessity. Whilst the topic of document safety can be daunting, there are simple steps you can take to ensure that nothing goes wrong.
A study by CloudEntr (“State of SMB Cybersecurity”) revealed that 77% of organizations identified employees as the weakest link for maintaining data and network security. For this reason, strict organizational codes and practices need to be in place to reduce risk.
The most common document security threats are internal
1. Prevent employees from becoming phishing victims
Phishing emails, now account to 90-95 % of all successful cyberattacks worldwide, pose the biggest internal threat. This is where hackers act as trustworthy entities, such as suppliers, colleagues or even clients, and ask for sensitive information. But, by knowing how to spot them you should be safe and sound! Make sure that you check the sender’s actual email address, not just the name. Spelling mistakes, incorrect or slightly tweaked logos are also a red flag. If you aren’t sure, verify the email with your IT team so you don’t compromise any sensitive documents.
At UpSlide, we rely on Office 365 Advanced Threat Protection which offers two great security tools:
- Safe Links which analyses external links and detects suspicious links used in phishing emails
- Safe Senders to maintain a list of trusted senders in Outlook
Here’s an example of an email automatically blocked as its attachment contained a malware (courtesy of our Head of IT):
Virus and ransomware can corrupt all the documents stored on your servers. Be cautious when dealing with spams and phishing emails policies.
2. Manage your documents
Document security works best when access rights to documents are granted on a need-to-have basis. Having documents locked by passwords and restricting access is an effective way to ensure a secure document environment. Electronic document management systems can be extremely useful. These systems will have audit trails that monitor documents and record any modifications and general activity. It is vital that these trails must be actively checked for suspicious activity which could pose a threat to document security standards.
Many of our clients rely on data protection systems such as Azure Information Protection to classify, label, and protect documents based on their sensitivity.
This also raises the issue of physical documents, which can end up left around the office, for everyone to see. It is essential that this does not happen. Make sure your co-workers securely destroy sensitive documents (instead of simply binning them) or lock them away safely if they need to keep them.
3. Be aware of shared devices
Shared devices like printers and scanners are another point of weakness for document security. To limit the danger, only authorized users should be allowed access to network applications and resources from these systems. Protect printers with a password or smart card-based authentication, using your existing security infrastructure which reduces the need for extra passwords. Print management software can be used to hold documents in a print queue, and maintain a complete audit trail of document activity.
It’s also a common thing to restrict access to physical ports (USB, flash drive) to prevent anyone from stealing your confidential documents or infecting your company’s network.
External document security threats can also be reduced
Documents can be hacked despite having security measures in place. We recommend following these 3 good practices to limit security breaches.
1. Protect your data
The lack of an effective encryption method can prove to be fatal for a business. It goes without saying that your company should have up to date anti-virus and spyware software. As working from home is now more common, we rely on Microsoft Defender ATP (Advanced Threat Protection) to secure our remote workforce.
Moreover, filtering Internet access across the company reduces the chance that employees can be the victim of external phishing sites or download malware that can spread throughout the organization. We also advise using a company VPN when public wi-fi is the only solution.
Hardware encryption is also a must-have: what happens if a laptop gets stolen? Our Head of IT naturally chose Microsoft BitLocker to lock the data stored in our laptops hard drives.
2. Change document format
Sending documents as PDFs removes document format-dependent bottlenecks and turns digital documents into password protected files with secure encryption and permission controls to manage edits. This means that they cannot be edited by anyone but the document creator, reducing the risk of counterfeiting. PDFs also prevent hackers from retrieving the metadata of the document creator when using Word/PowerPoint formats.
What’s more, electronic signatures can not only help senders get a quick signature on outgoing documents, but also enable recipients to ensure that the documents they receive do indeed come from who they claim to be from, and that no alterations have occurred since it was authenticated.
3. Use passwords wisely
And let’s not forget passwords too! Our system administrators at UpSlide recommend having a strong password policy coupled with MFA (Multi Factor Authentication) to avoid changing passwords every 3 months. It’s also good to remind your fellow colleagues of some basic rules about passwords:
- Never ever write passwords on sticky notes and then “hide” them behind your keyboards
- Do not repeat your password across multiple accounts and platforms
- Check if your account has already been breached by going to HaveIBeenPwned.com and checking your email address.
- The longer the better! Go to HowSecureismyPassword.net to check the strength of your password
Ensuring that new joiners go through an engaging and informative internal training session covering both internal and external risks is vital. Employers often cover this with a simple e-learning module or worksheet, but often it is not always enough to make employees understand the threat.
How UpSlide features can help on document security
At UpSlide, we want to you to be as efficient as possible on the Microsoft Office suite.
But that’s not our only concern. Many of our features aid document security and ensure compliance:
- The Finalize feature cleans your document, removing links to Excel data, cross references and hyperlinks, and marks it as final, ensuring that no other person will be able to make modifications to your document.
- The Send feature,integrated into PowerPoint , Word and Excel, allows you to quickly send selected pages of a document out to clients or other employees. So you will never run the risk of accidentally attaching incorrect or sensitive slides or pages. (This works especially well with the finalize feature but they don’t necessarily have to be used together!)
We also recommend ticking the PDF option if your files are aimed at external recipients.
- The Shared Library makes sure that you use validated resources and images as they are accessible from within PowerPoint, Excel and Word. This also means that no one can accidentally erase all files and documents and helps organise content into folders.
- Slide Check is great for making sure that your PowerPoint documents are flawless. It will also signal if you are using outdated slides that have since been updated in the library. Compliance is now easier than ever!
- The Excel to PowerPoint Link uses unbreakable links. This means that your documents will always contain the most up to date data.
- The Clean and Prepare tool helps you reduce your Excel file size so they can be sent via email and not through a document hosting platform where files can be accessible by third parties.
If working safely is as important as working efficiently, we would be pleased to show you what UpSlide can do to ease the document security management of your company.