Cyber security for small miners: How to secure a laptop in under 15 minutes
If you’re a Drilling or Exploration Manager at a small or Junior mining company, you may have begun using digital tools to run your business.
Tech has the power to help make our working lives easier, but there is an underlying element of risk involved as more of our work moves online: the risk of a cyber attack.
Why mining companies are at an increased risk
Mining is at a particularly high risk of attack because of the high value of knowledge and financial assets controlled by mining businesses. Small or Junior businesses are perceived as (relatively) easy targets due to time and resource constraints, putting you at an increased risk.
The good news is that you don’t need to spend a fortune on a cyber security program or go back to using pen and paper to protect your business. It's easier than you think to take massive steps forward in securing your business - without having to spend a single extra dollar of your budget!
Your computer has powerful inbuilt security settings that prevent someone from gaining access, but there’s a catch - you have to opt in manually.
Today I’ll walk you through four easy (and free) steps to help reduce the threat of a cyber-attack. It should take 15 minutes or less to complete (per device).
Let’s get stuck in.
How to secure a laptop in under 15 minutes
1. Set up your user accounts correctly
Time to complete: 3 minutes
Chances are your staff are all using administrator-level accounts on their work computers, but I recommend they start using a standard-level account.
Standard accounts have additional built-in security features, including measures to prevent:
- accidental download and installation of malware
- unintentional deletion of files that are needed for the computer to run
- restoring the computer to its original condition if the staff member leaves.
It’s really easy to set up a standard user account, and it doesn't affect how you work day-to-day. Here’s a link to the instructions:
As the Manager, you should retain the administrator account password to your business' devices. Make sure to generate and store it in a password manager for maximum protection.
2. Automate critical file backups
Time to complete: 8-10 minutes
Backing up your system is a great way to protect yourself against system crashes, loss or theft of a device or even ransomware attacks.
The best kind of backup is one that is set and forget. The more difficult or involved the backup process is, the less likely it is to get done (and the more regret you’ll have if you lose weeks of plod or assay data!).
I recommend a cloud-based backup service as it removes the need to purchase and store physical hard drives.
There are loads to choose from online, but if you’re using Microsoft 365, you can use One Drive for free as part of your subscription. Here are the instructions to get set up automatic One Drive backups.
3. Encrypt your hard drive
Time to complete: 2 minutes (plus loading time)
Encryption protects the contents of your hard drive by turning it into a code that can only be read by a device with the key to unlock it. This protects your data if your device is stolen or someone tries to steal your files using a USB drive.
Encryption sounds technical, but it’s really easy to set up. Just make sure you keep a record of your recovery key in a secure place like a password manager.
On Windows, the encryption setting is called BitLocker, and on Mac, it’s called FileVault. These can be found in your device settings.
4. Turn on auto-update
Time to complete: 2 minutes (plus any outstanding update time)
Both Windows and Apple run regular security tests. When a vulnerability is found, an update is issued and then pushed to all customers to make sure that their systems stay protected.
Even though the frequency of the updates can be annoying, it is best to accept them to protect your system in the long run. The easiest way to avoid putting it off (and possibly kicking yourself later) is to just turn on auto-update and remove the temptation of dismissing it (use it as an excuse to make yourself a coffee, enjoy the sunshine for 5 minutes - win-win!). You can also turn it on to happen outside of working hours if you find them overly disruptive to your day.
Executing these changes on your own device is a great step forward on your business's cyber security journey, but for maximum benefit - make sure the rest of your team is also part of the change.
The easiest and fastest way to make sure your teams' devices are secure is to use a register to record the steps taken on each device in a central location. Make this quick and easy for yourself by downloading a copy of our free Device Asset Register!
If you have any further questions about cyber security as a Junior exploration company or small drilling business, I'd be happy to chat with you. Send me a message through the chat bubble.
More from our blog
CorePlan is a cloud based operations platform that help people in mining work better together.
Exploration teams at Mining Companies (and Exploration companies) use CorePlan's Exploration Hub to plan, run and manage their drill programs.
Drilling Contractors use CorePlan's Drilling Hub to capture data from the field, share the data with their clients (which happen to be exploration companies and mining companies) and then invoice them.
As a modern SaaS platform you are able to easily subscribe and get started in a matter of days.