Maintaining high levels of security is of utmost priority for financial and professional services companies as they must protect their client’s details.
Threats to document security can include: security breaches, unstructured data, unsecured files, human failure and unauthorized access to storage.
All these present a risk to client data, customer databases, financial details and current deals.
TL;DR
Employees are often the weakest link in security, so strict organizational codes and practices are necessary to reduce risk.
Key tips for document security include preventing phishing attacks, managing access rights and passwords, using encryption and VPNs, changing document formats to PDF, and providing employee training.
Discover UpSlide’s top features that aid document security and compliance.
Guarantee document security and minimize risk
90% of our clientele are within financial services, where regulation, security and compliance levels are extremely high. We know that it’s more important than ever for clients to trust your company, which is why we mploy strong security tools and policies to comply with their standards.
But did you know that employees are the weakest link in your security architecture? For this reason, strict organizational codes and practices need to be in place to reduce risk.
Whilst the topic of document safety can be daunting, there are simple steps you can take to ensure that your documents and data remain safely within your organization…
The most common document security threats are internal
Prevent employees from becoming phishing victims
Phishing emails now account for 90-95 % of all successful cyberattacks worldwide, posing the biggest internal threat. This is where hackers act as trustworthy entities such as suppliers, colleagues or even clients, and ask for sensitive information. Teaching your team the easy ways to detect phishing emails will help prevent nasty attacks. Here are a few examples:
- Make sure that you check the sender’s actual email address, not just the name.
- Watch out for spelling mistakes, errors, and incorrect or slightly tweaked logos
- Be cautious if the sender uses urgent language
- If in doubt, verify the email with your IT team so you don’t compromise any sensitive documents.
At UpSlide, we rely on Office 365 Advanced Threat Protection which offers two great security tools:
- Safe Links which analyses external links and detects suspicious links used in phishing emails
- Safe Senders to maintain a list of trusted senders in Outlook
Here’s an example of an email automatically blocked as its attachment contained malware (courtesy of our Head of IT):
Viruses and ransomware can corrupt documents stored on your servers. Be cautious when dealing with spam and phishing emails.
Manage your documents
Document security works best when access rights to documents are granted on a need-to-have basis. Having documents locked by passwords and restricting access is an effective way to ensure a secure document environment. Electronic document management systems can be extremely useful. These systems will have audit trails that monitor documents and record any modifications and general activity. It is vital that these trails must be actively checked for suspicious activity which could pose a threat to document security standards.
Many of our clients rely on data protection systems such as Azure Information Protection to classify, label, and protect documents based on their sensitivity.
This also raises the issue of physical documents, which can end up left around the office, for everyone to see. It is essential that this does not happen. Make sure your co-workers securely destroy sensitive documents (instead of simply binning them) or lock them away safely if they need to keep them.
Be aware of shared devices
Shared devices like printers and scanners are another point of weakness for document security. To limit the danger, only authorized users should be allowed access to network applications and resources from these systems.
Protect printers with a password or smart card-based authentication, using your existing security infrastructure which reduces the need for extra passwords. Print management software can be used to hold documents in a print queue, and maintain a complete audit trail of document activity.
It’s also a common thing to restrict access to physical ports (USB, flash drive) to prevent anyone from stealing your confidential documents or infecting your company’s network.
External document security threats can also be reduced
Documents can be hacked despite having security measures in place. We recommend following these three good practices to limit security breaches.
Protect your data
The lack of an effective encryption method can prove to be fatal for a business. It goes without saying that your company should have up to date anti-virus and spyware software. As working from home is now more common, we rely on Microsoft Defender ATP (Advanced Threat Protection) to secure our remote workforce.
Moreover, filtering Internet access across the company reduces the chance that employees can be the victim of external phishing sites or download malware that can spread throughout the organization. We also advise using a company VPN when public wi-fi is the only solution.
Hardware encryption is also a must-have: what happens if a laptop gets stolen? Our Head of IT naturally chose Microsoft BitLocker to lock the data stored in our laptop hard drives.
Change document format
Sending documents as PDFs removes document format-dependent bottlenecks and turns digital documents into password-protected files with secure encryption and permission controls to manage edits. This means that they cannot be edited by anyone but the document creator, reducing the risk of counterfeiting. PDFs also prevent hackers from retrieving the metadata of the document creator when using Word/PowerPoint formats, ensuring that you send secure documents.
Adding electronic signatures to documents before sending provides the recipient peace of mind that the files do indeed come from the authentic sender and that no alterations have occurred since it was authenticated.
Use passwords wisely
And let’s not forget passwords too! Our system administrators at UpSlide recommend having a strong password policy coupled with MFA (Multi Factor Authentication) to avoid changing passwords every three months. It’s also good to remind your fellow colleagues of some basic rules about setting a strong password:
- Never ever write passwords on sticky notes and then “hide” them behind your keyboards
- Do not repeat your password across multiple accounts and platforms
- Check if your account has already been breached by going to HaveIBeenPwned.com and checking your email address.
- The longer the better! Go to HowSecureismyPassword.net to check the strength of your password
Ensuring that new joiners go through an engaging and informative internal training session covering both internal and external risks is vital. Employers often cover this with a simple e-learning module or worksheet, but often it is not always enough to make employees understand the threat.
How UpSlide features can help improve document security
At UpSlide, we want you to be as efficient as possible on the Microsoft Office suite.
But that’s not our only concern. Many of our features aid document security and ensure compliance:
- The Freeze feature enables you to lock a PowerPoint presentation from editing, restricting changes to the content within your slides. This protects a presentation file from being edited by unauthorized others, ensuring it remains compliant and that you can send secure documents.
- The Finalize feature cleans your document, removing links to Excel data, cross references and hyperlinks, and marks it as final, ensuring that no other person will be able to make modifications to your document.
- The Send feature, integrated into PowerPoint, Word and Excel, allows you to quickly send selected pages of a document to clients or other employees. You’ll never run the risk of accidentally attaching incorrect or sensitive slides or pages. We also recommend ticking the PDF option if your files are aimed at external recipients.
- The Content Library provides access to the latest, compliant resources and images from within PowerPoint, Excel and Word. It also means that no one can accidentally erase all files and documents, plus helps organize content into folders.
- Slide Check is great for making sure that your PowerPoint documents are flawless. It will also signal if you are using outdated slides that have since been updated in the Library.
- The Excel to PowerPoint Link lets you connect data from Excel to PowerPoint or Word and update it with our unbreakable Link. This means that your documents will always contain the most up-to-date data.
- The Clean and Prepare tool helps you reduce your Excel file size so it can be sent via email and not through a document hosting platform, where files can be accessible by third parties.
If working safely is as important as working efficiently, we would be pleased to show you what UpSlide can do to ease the document security management of your company.
Have we missed any key tips for keeping documents secure? Let us know in the comments below.
