As we close out the month of October, I am reminded that cyber isn’t just important for one month of the year. It is an integral part of our lives. We need to remember that hackers do not care what day, week, or month it is – they are always looking for your information and ways to lure you into giving that information to them! Awareness and understanding are both critical in this fight to protect our identities and the identities of citizens, co-workers and, on a more personal note, family. This awareness and understanding of the risks and threats is everyone’s responsibility.
Exploring how cybersecurity and staying safe online is increasingly important, for both our work and personal lives. Here is a list of the most important tips:
- Train your employees. Employees and emails are the foremost cause of data breaches for small businesses because they are a direct path into your system.
- Keep antivirus software updated. Make sure all your computers, internet-connected devices, phones, and tablets are equipped with regularly updated antivirus software, firewalls, email filters and anti-spyware.
- Secure your networks. Secure your network by using a firewall and encrypting information. This is also useful for the individual. If you have a Wi-Fi network, secure it by hiding the network, by setting up a wireless access point or router so it doesn't broadcast the SSID service set identifier and network name. Protect the router and be sure the password is reset.
- Use strong passwords. Creating strong passwords is an easy way to improve your cybersecurity. Try to use different passwords for different accounts. Strong passwords include one uppercase letter, one lowercase letter, at least one number and 10 or more characters. Get creative.
- Backup your data. Routinely back up data on all computers and store that backup device away from any online connectivity.
- Control physical access. Keep the data center or server room locked at all times; and incorporate a two-factor approach to access it (i.e., key fob and passcode). Further, administrative privileges should only be given to trusted IT staff and key personnel.
- Be cautious with links in emails and online posts. If you’re unsure who an email is from – even if the details appear accurate – do not respond, and do not click on any links or attachments found in that email.
- Think before you act. Be wary of communications that implore you to act immediately. Many phishing emails attempt to create a sense of urgency, causing the recipient to fear their account or information is in jeopardy.
- Protect your personal information.
- Be wary of hyperlinks. Avoid clicking on hyperlinks in emails and hover over links to verify authenticity.
- Also ensure that URLs begin with “https.” The “s” indicates encryption is enabled to protect users’ information.
- And finally, please enable multi-factor authentication (MFA) to ensure that the only person who has access to your account is you. Use it for email, banking, social media and any other service that requires logging in. Don’t forget to implement it on your mobile device, if available.
More details about each of these tips can be found on the Cybersecurity and Infrastructure Security (CISA) website at Cybersecurity Awareness Month 2021 – Approaching Cybersecurity Tip Sheet.
In addition to these tips, there are a plethora of resources and templates that can be used throughout the year, not just in October. Visit Cybersecurity Awareness Month Resources, as well as the National Cyber Security Alliance.
Remember, cybersecurity is everyone’s responsibility; and it starts with each one of us!