Train yourself and your employees on best practices for device security. Regularly remind emplyees to be vigilant and aware of potential threats, these include:

Physical attacks:

A bad actor may try to gain physical access to a device by stealing it or by using a technique called "evil maid" attack, where they tamper with a device while it is unattended in a public place such as a hotel room.

Side-channel attacks:

A bad actor may attempt to extract sensitive information from a device by measuring its power consumption, electromagnetic emissions or other physical characteristics.

Remote access attacks:

A bad actor may try to gain unauthorized access to a device by exploiting vulnerabilities in remote access software or by using malware to establish a backdoor into the device.

Supply-chain attacks:

A bad actor may try to compromise a device by tampering with it before it is delivered to the end user, for example by installing malware on the device during manufacturing.

Password cracking:

A bad actor may try to crack the password of an account or device by using a brute-force attack, a dictionary attack or by exploiting known vulnerabilities in the password-hashing algorithm.

Social engineering attacks:

A bad actor may try to trick users into providing sensitive information or login credentials by disguising themselves as a trusted entity, such as a bank or a government agency.

Quantum computing attacks:

A bad actor may try to use the power of quantum computing to crack encryption keys and gain access to sensitive information.

AI-based attacks:

A bad actor may try to use Artificial intelligence to identify vulnerabilities on the system and exploit them.

It's important to note that the threat landscape is constantly evolving, so it's essential to stay informed and adapt security measures accordingly.

Keep the computers in a secure location when not in use, such as a locked room or cabinet.

Use a cable lock to physically secure the computers to a desk or other immovable object.

Use a privacy screen or webcam cover to prevent unwanted access to the computer's camera.

Use a surge protector to protect the computer from power surges and voltage spikes.

Keep the computer and its peripherals in good condition, such as cleaning dust from fans and vents to prevent overheating.

Use a laptop lock to physically secure the computer to a desk or other immovable object.

Always use a protective carrying case when transporting a portable device, laptop or desktop computer.

Avoid leaving portable devices in plain sight in vehicles or other public places.

Be aware of your surroundings when using a portable computer in public, and be prepared to close and secure it quickly if necessary.

Pass-words managers for passwords:

password managers have inherited problems and risks in exchange for convenience to the user.

These problems include:

Security breaches:

Password managers store all of your passwords in a single location, so if a hacker gains access to the password manager's database, they will have access to all of your stored passwords.

Loss of access:

If you lose access to your password manager account (e.g. if you forget your master password), you will lose access to all of your stored passwords.

Phishing:

If a user falls for a phishing attack, the attacker may gain access to the user's password manager account, including all the stored passwords.

Cloud-based password manager:

If the password manager is cloud-based, the company that runs the service could potentially access your stored passwords, or they could be compromised in a data breach.

Single point of failure:

If the password manager software or service goes down or out of business, you may lose access to all of your stored passwords.To mitigate risks, your password manager should be set up with strong and unique master password, enabled multi-factor authentication (2FA) and regularly updated software. Additionally, it's important to backup the password manager's data to a safe place and keep an offline copy of your important passwords in a secure location.