Company Best Practices

  • Always encrypt your data! This includes at-rest encryption (i.e. encrypting your laptop hard disk) and in-transit encryption (i.e. encrypting the emails that are exchanged within the company and to the outside whenever possible).
    For hard disk encryption, see these how-to guides:
    https://www.howtogeek.com/234826/how-to-enable-full-disk-encryption-on-windows-10/ (Windows)
    https://support.apple.com/en-us/HT204837 (Mac)

  • Maintain a meaningful password policy:

    • Use a secure password: 10 characters minimum length, including upper case and lower case letters, at least one number and one special character (e.g. @#$%&*()).

    • You can check password strength e.g. at https://howsecureismypassword.net/
      Suggestion: If you are using Google Chrome, you can use the built-in password suggestions and password manager. Firefox provides a similar service called Lockwise.

    • Do not use the same password to secure more than one account!

    • Choose to log in via your showheroes.com account (which is a Google account) where possible. This uses a secure connection to exchange your user credentials.

    • Do not disclose your passwords to anybody!

    • Reset your password regularly (at least once a year).

  • Keep in mind the scope of your required compliance. The GDPR applies to all kinds of personal data: names, addresses, emails, card details, IP addresses, cookies and even social media posts!

  • Avoid data collection and restrict yourself to what is necessary for running the business.

    • In particular, do not download any customer personal data locally. Use secure and encrypted connections to the CRM system.