The introduction of GDPR is a good opportunity to make sure that you’re following best practices when it comes to securing the data that you use to run your business.
Light Blue Software takes extensive precautions to secure every aspect of the online services that we offer. However, Light Blue stores a copy of your data on each of the devices you’ve installed it on. That allows you to use it even if you don’t have a fast internet connection or are completely offline, and even lets you use some of Light Blue’s features if you don’t want to subscribe to our online services. Because of this, you should also take steps to ensure the security of those devices.
There’s always a tradeoff between convenience and security, but we’ve put together a list of security measures that you should consider. It’s your responsibility to secure your clients’ personal data, but this should give you a starting point if you haven’t already put your own data security policies in place.
Password protect your computers
Password protecting your computers is essential for securing the data on them: not just your clients’ personal data, but everything else you’ve stored on there! Both macOS and Windows have built-in options to require a password when turning the computer on, or waking it from sleep or the screensaver.
If you’re using a computer in a situation where other people are around, it’s sensible to activate the screensaver to lock it whenever you leave your computer. On macOS, I find using a “hot corner” to activate the screensaver really convenient because all I have to do is move the mouse pointer to the top-right corner of the screen to lock it.
If you’re using Light Blue’s iOS app, you should ensure that you’re using Face ID, Touch ID, or a secure passcode on your iOS devices to prevent unauthorised access.
Use full disk encryption
Password protecting your computers is a good first step, but if someone steals one then they could remove the hard disk or SSD and bypass the operating system’s password protection. This is especially relevant to laptops, which are easily portable and tend to be used in more vulnerable situations than desktop computers.
You can mitigate this threat by using full disk encryption, which makes the disk unreadable to anyone who doesn’t have the encryption key.
macOS has an excellent full disk encryption system called FileVault built into it, and on a modern computer that uses an SSD or Fusion Drive it’s incredibly convenient to use. You can find out how to set up FileVault on Apple’s support site.
Not all versions of Windows include a full disk encryption option, but this handy article tells you how to use it and gives you some options if it’s not built into your version of Windows.
If you’re using Light Blue on iOS, your iOS device is already using full disk encryption if you’ve set a passcode lock, or are using Face ID or Touch ID.
Use a strong password for your Light Blue account
Securing your computers is essential, but you should also make sure that your Light Blue account is secured by a strong password to ensure that no unauthorised person can access it.
You can find lots of advice about creating strong passwords online, but the two most important points are:
- Make your passwords secure. That means making them long (at least 15 characters is a good starting point) and preferably not using a single word that’s in the dictionary.
- Never reuse passwords for different accounts! This is a very common mistake, and means that if someone gets hold of a password for one service then they can try to use that password to access your account on a variety of other services. For example, if you use the same password on your Netflix and email accounts, giving someone your Netflix password means that they can access your email and do any number of Very Bad Things.
We strongly advise using a password manager, which is a piece of software that makes it much easier to use strong passwords. The excellent 1Password is highly regarded by security experts, and is available for macOS, Windows, iOS, and Android.
You can update your Light Blue account password here. If you change your Light Blue account password, remember to enter the new password into Light Blue!
Consider turning on Light Blue’s password protection feature
The other tips on this page will help you to secure your devices and Light Blue account. You can also make Light Blue require a password when you launch it. To turn this option on:
- Set up at least one member of staff in the ‘Resources’ section of Light Blue’s preferences window, and set a password for them.
- Turn on the ‘Show User Login Dialog When Launching Light Blue’ option in the ‘General Preferences’ section of Light Blue’s preferences window.