Accountancy and law firms have pivoted from having an office-based workforce to a significant proportion of staff being more mobile and working from home.
This has had a significant impact on IT systems, with many organisations opting to switch their case and practice management to cloud or hosted provision.
Whilst most firms now have IT that enables their staff to work from anywhere, in many cases little attention has been paid to the security of the laptops they are using to do this work.
As systems containing highly confidential, personal, financial and in some cases sensitive data are all accessed via these devices, laptops that are not properly secured, especially when used outside an office environment, present a very significant security risk.
Whilst most business users have antivirus deployed and update their computers every week, at Pro Drive we believe this is far from sufficient. Here are our essential security controls for laptops used by accountancy and law firms.
1. Encryption
Windows and Mac laptops do not have their hard disk encrypted by default. Should you accidentally lose a computer or, worse, have it stolen, a criminal will be able to easily access the data on an unencrypted device and potentially use it to extort your firm or the clients whose data is on it. Encryption can be easily activated by an IT professional on most business devices.
2. Moving away from passwords
Passwords used to be the way to protect your devices and data. Unfortunately, now they have become a liability and criminals have developed highly effective ways to intercept or steal them. Modern ways of authenticating use specialist security chips built into your laptop paired with passkeys, biometrics or hardware keys and are substantially more secure.
3. Software security baselines
Your IT team should ideally apply updates to your computers at least once a week. However, this is not enough to prevent your computer being vulnerable. Microsoft regularly recommends hundreds of configuration updates to keep the hackers out, and these must be applied alongside the software updates.
4. Remote worker VPNs
When staff are working outside of your office network, they lose the protection of your firewalls and are working in networks that are not secured by IT professionals. In particular, home networks may have out-of-date equipment riddled with security flaws and smart devices with unfiltered connections to the internet. A business laptop being used in such an environment is putting your data at risk. Using a remote worker VPN (sometimes called a secure web gateway) will help protect your data from criminals who may be snooping on home networks.
5. Conditional access policies
These do not protect your devices directly but, having secured your company devices, you need to ensure that your data cannot be accessed from non-business computers. Many firms are not aware that most cloud services, including Microsoft 365, allow access from any computer by default. It is essential to review your cloud applications and ensure they cannot be accessed from outside the business to protect your data.
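One way to carry out this review for Microsoft 365, as an added example that is not Pro Drive's own tooling: a Python check over Conditional Access policies exported as JSON in the Microsoft Graph `conditionalAccessPolicy` shape. The function names and sample policies are constructed for illustration, and the check ignores platform, location and client-app conditions.

```python
# Audits Conditional Access policies exported as JSON (added example).
# Assumption: only state, user/app scope and grant controls are evaluated.
DEVICE_CONTROLS = {"compliantDevice", "domainJoinedDevice"}

def requires_managed_device(policy):
    """True if the grant controls cannot be satisfied without a managed device."""
    grant = policy.get("grantControls") or {}
    controls = set(grant.get("builtInControls") or [])
    if grant.get("operator") == "AND":
        return bool(controls & DEVICE_CONTROLS)
    # With OR any single control is enough, so every option must be a device control.
    return bool(controls) and controls <= DEVICE_CONTROLS

def audit(policies):
    """Return (covered, findings) for a list of policy dicts."""
    covered, findings = False, []
    for p in policies:
        if not requires_managed_device(p):
            continue
        name = p.get("displayName", "<unnamed>")
        cond = p.get("conditions") or {}
        users, apps = cond.get("users") or {}, cond.get("applications") or {}
        if p.get("state") != "enabled":
            findings.append(f"{name}: state is {p.get('state')!r}, not enforced")
        elif "All" not in (users.get("includeUsers") or []):
            findings.append(f"{name}: does not apply to all users")
        elif "All" not in (apps.get("includeApplications") or []):
            findings.append(f"{name}: does not apply to all cloud apps")
        else:
            covered = True
            excluded = users.get("excludeUsers") or []
            if excluded:
                findings.append(f"{name}: {len(excluded)} excluded user(s) to review")
    if not covered:
        findings.append("no enforced policy requires a managed device for all users and apps")
    return covered, findings

def make_policy(name, state, operator, controls):  # builds constructed sample data
    scope = {"users": {"includeUsers": ["All"]}, "applications": {"includeApplications": ["All"]}}
    return {"displayName": name, "state": state, "conditions": scope,
            "grantControls": {"operator": operator, "builtInControls": controls}}

SAMPLE = [  # constructed policies, not taken from a real tenant
    make_policy("Require MFA", "enabled", "OR", ["mfa"]),
    make_policy("MFA or compliant device", "enabled", "OR", ["mfa", "compliantDevice"]),
    make_policy("Require managed device", "enabledForReportingButNotEnforced", "OR", ["compliantDevice"]),
]

if __name__ == "__main__": print(audit(SAMPLE))
```

On the constructed sample the audit reports no coverage: the only policy that truly requires a managed device is in report-only mode, and the "MFA or compliant device" policy still lets a personal computer in with MFA alone.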
If you are unsure whether you have the right protection in place to keep your data safe on your business laptops, get in touch about our free security audit.