Malware. Ransomware. Identity and data theft. Phishing. Corporate account takeovers. Denial of service attacks. As recent headlines illustrate, cyber attacks are a real and growing risk for all organizations. It’s no longer a question of if an attack will occur, but rather when. The following steps can help protect against these ever-present threats in our world today.
Protect Passwords and Logins
Passwords are a significant vulnerability for many individuals and organizations, but this vulnerability can be managed.
- Learn about new guidelines for managing passwords.
- Make passwords as strong as possible by testing with an online tool like howsecureismypassword.net.
- Consider a password management tool such as LastPass, Dashlane, or KeePass.
Preventable breaches like WannaCry highlight the importance of patching systems in a timely manner.
- Learn about three common cybersecurity threats, including vulnerabilities that require patching.
- Check the status of Windows patches on your home computer at update.microsoft.com/windowsupdate.
Cybersecurity experts agree that the explosion in use of mobile devices will lead to security challenges in the future.
- Do not save sensitive information locally.
- Use device encryption if possible.
- Set an inactivity lockout (PIN or biometric to unlock).
- Learn how to address current cybersecurity risks, including those posed by mobile devices.
Control Internet Access
Malware can be downloaded from websites via fake advertisements, malicious links, or browser plug-ins.
- Use content filtering to block website categories that are not necessary for business purposes.
- Educate employees on the risks of malware, why they should be wary of clicking links in banners and blogs, and why they should pay attention to their cyber surroundings.
Prepare, Document, and Train
It is important for all employees to help keep your organization safe from cyber threats.
- Implement written policies for password requirements, secure use of email and internet, mobile device acceptable use, document storage and removal, etc.
- Plan your response to cyber incidents—see the “Plan Your Response” section at this link for items to include.
- Provide ongoing employee training on relevant threats and internal policies and security procedures.