Lucky 13 IT Best Practices

1. Install Anti-Virus and Malware on all machines (even Macs – latest threats have been engineered for

Macs specifically). Anti-Malware applications such as Malware Bytes can help prevent and remove



2. What is the one source of truth for your master data? e.g. Google Drive, SharePoint, Box, etc.?

  • No saving files to local machines
  • Besides cloud backups (recommended) – doing an additional backup of data (e.g. local external hard drive or network attached storage device) weekly or bi-weekly is also strongly recommended
  • Two-factor authentication for cloud based resources highly recommended

3. No personal laptops (BYOD), users must be given a machine that belongs to the organization

4. Install remote wipe or drive encryption utilities for any devices belonging to executives/VIPs

Functionality included with latest prof. license version of Mac and PC operating systems

5. Always lock laptop in the trunk of car, even if just parking for a minute

  • When away from your machine, consider locking your screen and keeping your machine out of sight. Consider using a privacy screen when in public places
  • Absolutely avoid using public WiFi (including Xfinity and AT&T) for customer facing or other sensitive operations


6. All software licenses should be legal and with active support contracts (e.g. MS Windows/Office, CRM,

ERP, Adobe Creative Cloud, etc.).


7. Access to adult and torrent (music/movie download) sites should be blocked unless necessary for

business reasons


8. Absolutely no writing passwords on Post-It- Notes, use a password management utility like


  • Passwords should be a minimum of eight characters and alphanumeric, utilizing at least one special character.
  • Never use the same password for multiple systems and require users to change important passwords every six (6) months
  • Never email login credentials, e.g. use a password protected MS Word, Excel or .PDF  doc to store/send passwords and send the password to the doc separately via text message or just text the password in the first place!

9. Use a basic inventory management and tracking system. Record machine names, MAC addresses,

Serial numbers and all mobile devices in circulation. Spreadsheets are fine or use a utility like



10. Any IT purchasing for equipment, software or services should be done by one or two company key

stakeholders or long-term staff, using only company credit cards, not ones belonging to individual

employees who may leave. If the card expires and the vendor is not able to reach you to get a new card

number, they will shut off your service (e.g. website hosting service discontinued without notice,

website down indefinitely…).


11. Make employees sign an Acceptable Use Policy for Technology, Data Retention, Social Media use,

(should be included in employee handbook). Ask us for a template that we can help you edit to suit

your organization.


12. Have a master document that explains what your IT consists of: HW/SW, licenses, where data is

stored, where passwords are stored, emergency protocols in case of a critical event. This should

be part of a basic business continuity plan.


13. If you’re unsure about an email – don’t open it! Stop and call or email back if purported to be

from a someone you know. Don’t click any links and don’t download anything! Do you think you

have what it takes to avoid a phishing attack? Take this quiz to find out: phishing-quiz/


Don’t be a victim of IT bad luck. If you would like to discuss the above items in more detail or have

any other questions, please email: