Eze Castle Integration

Hedge IT Blog

IT Security Dos and Don'ts to Live By

By Kaleigh Alessandro,
Tuesday, July 15th, 2014

We spend a lot of time educating our clients about security best practices and encouraging them to implement comprehensive security policies and procedures to mitigate risk and protect both the firm and its employees. And for good reason. Just today, New York Attorney General Eric Schneiderman released a report stating data breaches across the state more than tripled from 2006 to 2013 and cost businesses more than $1.37 billion last year alone.

While companywide policies should reflect long-range expectations and corporate best practices, they should also include tactical recommendations that employees can follow to ensure they are complying with the company’s overall risk strategy. In addition to providing employees with security best practices to follow, don’t forget to include a list of actions they should not take. Here are just a few pieces of advice we regularly offer our investment firm clients:

DO:

  • Lock your computer and mobile phone(s) when you leave your desk and/or office

  • Use care when entering passwords in front of others

  • Create and maintain strong passwords and change them every 60-90 days (We recommend a combination of lowercase & uppercase letters and special characters)

  • Change your password immediately if you suspect that it has been compromised

  • Report suspicious activity to the IT team/CSIRT to help minimize cyber risks

  • Protect personal computers and devices with anti-virus software when working remotely

 DO NOT:

  • Allow others to use your login ID or password

  • Use the same password for every application

  • Store passwords on a piece of paper or other easily accessible document

  • Open email or attachments if the sender is unknown or suspicious

  • Provide information such as login IDs, passwords, social security numbers, account numbers, etc. via unencrypted email

  • Leave your laptop or mobile device unattended while in a public place. Lost or stolen equipment, including mobile devices connected to the corporate network, should be reported immediately

  • Keep open files containing personal or confidential information on your desk or in an unlocked file cabinet when away from your office/desk

  • Install unauthorized programs on your work computer

  • Plug in personal devices without permission from IT
