National Cyber Security Awareness Month
October is National Cyber Security Awareness Month and the Department of Homeland Security has outlined some themes for this year’s campaign which I will be writing about throughout the month.
This week, we’re cover some easy tips for protecting yourself and your data online. Anybody can take a few simple steps to help protect themselves online and to prepare themselves to recover their data in the event they do have an incident.
Here are five easy things anyone can do to help improve your online security:
1. Up your password game
There’s a misnomer that long complicated strings of characters make the best passwords. Often times, these hard-to-remember strings cause people to write down the passwords or duplicate the same password across multiple sites.
Duplicate passwords leave you vulnerable if any site is breached, and your password is stolen. Usernames tend to be consistent across sites, usually as simple as your email address. So, if your password is stolen from one site, you are vulnerable to attacks on other sites with more crucial information.
A good strategy for password creation is to use four random common words with spaces between, using a punctuation or number when mandated. Site XKCD illustrates why this is a good practice.
2. Use Multi-Factor Authentication
Multi-factor authentication is becoming the current best practice for improving security in today’s remote workplace. You’ve probably seen this offered by your bank, Google/email accounts, or other security-focused organizations. Passwords (something you know) is considered one factor to authenticate.
The second factor can be either something you have (like a code from a key fob, application, or text message), or something you are (like a fingerprint, facial recognition, or retinal scan).
Adding this second factor means that even if someone is in possession of your username and password, they don’t have this second factor needed to gain access to your information.
Enable two-factor authentication for all major sites you use, especially banks, credit cards, or other PCI-compliant financial institutions.
3. Harness Endpoint Protection
There’s been a popular misnomer that operating systems don’t need endpoint protection (anti-virus) because of their native security. Whether you’re running Windows, OSX, or Linux, good endpoint protection is necessary.
At MicroAge, we’ve seen a rise of devastating attacks across the board, and native or integrated security is not enough for a modern cybersecurity strategy.
Windows Defender, the pre-installed endpoint protection from Microsoft, is a start but may not protect against most advanced threats.
4. Backup, Backup, Backup
Even with the best security, the most cautious user isn’t 100% safe from all threats. Mishaps happen. When someone does get a virus, most of the time the only way to get your information back is to restore from a backup.
For home users, a backup can be as easy as an external USB drive that is not permanently connected to the computer. This is important as some malware can access connected drives and could corrupt your backup leaving you with a false sense of security. Use the device to backup periodically and remove it from the computer.
Another solution is using an online backup provider.
5. Know Email Best Practices
Email is a common method of attacking users. Attacks can come from malicious files or by pretending to be from a reputable source. Your endpoint protection will help guard against files downloaded from your email, but only downloaded files you were expecting to receive and from trusted users.
Spearphishing emails try manipulating you into providing sensitive information to a site that appears to be legitimate. If you receive an email from your bank or other source asking you to log in to confirm something, please navigate to the site from your browser directly. Avoid clicking links from within emails as those can be made to look reputable but may in fact lead you to another site.
Online security is important to everyone, not just corporations. These easy steps can be used by everyone to help improve your safety online.
Is your organization secure?
At MicroAge, our security experts are here to help you arm your business and your data—every step of the way.