Every now and again it’s sensible to do a system security check-up. We’d suggest starting with:
- Check logins. Have you removed any logins for people that have left? Is everyone at the correct level? Don’t forget to check each project, if you have them.
- Consider two-factor authentication if you haven’t already, at least for some users (system admins, for example)
- Check your password policy. We’d suggest a) long (12 characters+) and b) avoid common passwords. Encourage everyone in your team to start using a password manager to make this easier.
In Lamplight you’ll find all of these in System Admin > Database Operators and Security:
More generally, this update from the NCSC highlights the risks to charities from phishing and ransomware, and links through to the free support available to get Cyber Essentials.
Thanks for the photo by Lianhao Qu on Unsplash