4. The Basics Check

Overview

Encrypting your computer is not just for Jack Bauer and CTU (dated reference), anyone can do it.  This simple step will help prevent a data breach if your computer is stolen. 

EXAMPLE: This data breach (and corresponding customer notification) from a sole practitioner CPA could have been prevented if his laptop and thumb drive were encrypted.

The Spot Check:

STEP 1: If you don't already know, determine which version of Windows or Mac operating system you are running

STEP 2: Attempt to turn on full disk encryption in your operating system

PASS: You have a computer with the proper hardware (TPM) that is running a version of Windows or Mac that gives you the ability to encrypt the hard drive and it's already turned on.

FAIL: Your hard drive has the capability to be, but is not encrypted

SUPER FAIL: Your hard drive doesn't even have the capability to be encrypted because you have a computer without the proper hardware (TPM) that is running a version of Windows or Mac

If you fail:

Theft of your computer would be a data breach.

  1. Turn on encryption (see step 2 above).
  2. Have a conversation with your IT person about why it wasn't already turned on. 
  3. Contact Ariento or another vendor you trust to get a vulnerability assessment to see where else you may be at risk.

If you super fail:

Your operating system and/or computer hardware is not capable of encrypting your hard drive. 

  1. Have a conversation with your IT person about why you are using computer hardware and/or a version of an operating system that doesn't have the capability to encrypt. This should not be the case for a business computer. 
  2. Upgrade to a more modern operating system and/or a computer with a TPM chip and/or purchase 3rd party encryption software immediately! Contact us if you need help as this is included with our service.
  3. Contact Ariento or another vendor you trust to get a vulnerability assessment to see where else you may be at risk and to provide you concrete recommendations for improving your security posture.

If you pass:

Pat your IT person on the back for doing the basics and move on to Spot Check #5!


<-- 3. The Limit the Damage Check                                                                                                                   5. The Known Malware Check -->