Simple Steps to Online Safety

Simple Steps to Online Safety

Malware. Ransomware. Identity and data theft. Phishing. Corporate account takeovers. Denial of service attacks. As recent headlines illustrate, cyber attacks are a real and growing risk for all organizations. It’s no longer a question of if an attack will occur, but rather when. The following steps can help protect against these ever-present threats in our world today.

Protect Passwords and Logins

Passwords are a significant vulnerability for many individuals and organizations, but this vulnerability can be managed.

Patch Systems

Preventable breaches like WannaCry highlight the importance of patching systems in a timely manner.

Manage Mobile

Cybersecurity experts agree that the explosion in use of mobile devices will lead to security challenges in the future.

  • Do not save sensitive information locally.
  • Use device encryption if possible.
  • Set an inactivity lockout (PIN or biometric to unlock).
  • Learn how to address current cybersecurity risks, including those posed by mobile devices.

Control Internet Access

Malware can be downloaded from websites via fake advertisements, malicious links, or browser plug-ins.

  • Use content filtering to block website categories that are not necessary for business purposes.
  • Educate employees on the risks of malware, why they should be wary of clicking links in banners and blogs, and why they should pay attention to their cyber surroundings.

Prepare, Document, and Train

It is important for all employees to help keep your organization safe from cyber threats.

  • Implement written policies for password requirements, secure use of email and internet, mobile device acceptable use, document storage and removal, etc.
  • Plan your response to cyber incidents—see the “Plan Your Response” section at this link for items to include.
  • Provide ongoing employee training on relevant threats and internal policies and security procedures.

Access additional cybersecurity articles and blog posts here. 
Contact us with cybersecurity questions: [email protected]

About the Author:

Traina & Associates, a CapinCrouse company, has been providing information security services, including cybersecurity assessments, consulting, and training services, to financial institutions, nonprofit organizations, medical entities, professional services firms, and other organizations since 1999. Each year the firm performs hundreds of assessment, consulting, and speaking engagements with a team of experienced professionals retaining numerous certifications, including CPA, CISSP, CISM, CISA, CITP, CGMA, and CTGA. Each engagement is tailored to fit the unique needs of the organization, and information and reports are presented in a clear, concise manner intended for an audience with varying information systems (IS) knowledge. More information is available at trainacpa.com.

DC—Oct. 10