Top 3 Cybersecurity Best Practices

There are news articles almost daily about data breaches and cybersecurity incidents. According to Forbes, in the first six months of 2019 there have been 4.1 billion records exposed. Everyone plays an important role in cybersecurity awareness from the top down. In honor of National Cybersecurity Awareness Month here is our recommendations for the top three cybersecurity best practices.

October is National Cybersecurity Awareness Month (NCSAM), and as such, we encourage employees, vendors, friends, and family to take proactive steps to enhance personal and collective cybersecurity. NCSAM is a collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online. Wolf Technology Group is a NCSAM Champion helping to increase awareness and can assist your business with cybersecurity best practices.

One: Continuous Education

Cybercriminals are constantly developing new schemes to prey on users. We must all do our part by staying vigilant and reviewing information before clicking on or opening links and attachments. This is the best defense against cybercriminals, and it is free.

IT Professionals: As the front-line of defense, it is important for IT professionals to stay up to date on the latest cyberthreats to help protect and keep users safe. However, if you over complicate IT processes it drives users to use systems outside the corporate network which can lead to a data breach. For example, many users do not like to have to VPN to securely access work files so they setup free Dropbox accounts to store and share data. This is a huge liability because the company does not have control of the data and it can be easily accessed if a user loses their iPad or iPhone. Users need to understand how that impacts them, provide examples. For instance, if a human resource employee decided to save the company’s personnel files in a free personal Dropbox account and synced them to their iPad. Then the user loses their iPad which had no password. Someone could access the personnel files which have social security numbers, date of birth and home addresses. If the data and device was managed properly and secured by the company and it could be wiped remotely if the user loses it.

Users: Remember the IT department was not created to make your life harder. There are reasons why you must change your passwords and have different combinations of characters. The IT department can only do so much to protect you so need to take responsibility too. It only takes a few seconds to hover over hyperlinks to see if the URL appears valid or send an email or call your colleague to confirm they sent you information before opening unknown links or attachments. Go directly to website and login versus clicking on links from emails and texts. One clicks on a malicious hyperlink and you can expose your personal information and everyone at your company.

Two: Manage Online Presence

People are obsessed with posting everything on social media without thinking about the ramifications. A seemingly harmless selfie at work could contain employee information or proprietary code on the computer screen for millions to see. It is important to regularly review privacy settings on all devices. Sometime new software updates change the settings you saved previously or add new ones that you need to review. Checking in on social media makes it easy for stalkers to follow you and posting vacation pictures is an open invitation for criminals to rob your house. Cybercriminals are finding new sophisticated ways to steal your personal information, do not make it easy by posting it all on social media. For example, it seems harmless to post to your friend’s Facebook happy birthday and confirm their date of birth when Facebook asks you, but in reality, you just told all the cybercriminals an important piece of information. Even checking your social media on company devices can place all your co-works at risk.

Three: Regular Updates

Software updates are annoying because they can take a long time and they change our settings. However, they are very important. Companies are constantly releasing patches to protect us from cybercriminals. Recently, we had a customer that did not want to keep their WordPress CMS up to date and they got hacked and someone started an ecommerce site out of their website host. Luckily, this did not impact their business other than having to pay to have the malicious code removed from their website. This all could have been prevented by keeping their WordPress CMS up to date. Many devices allow you to install updates automatically or you can set a reminder for yourself to check monthly. IT professionals create rules or policies to push updates to your company owned devices, but it still requires you to acknowledge or reboot the device to complete the process.

Again, cybersecurity is a top down process that requires us all to take responsibility. You have the power to help prevent data breaches. Your personal information is like money so be cyber aware when you are posting online. Keeping our digital world secure requires all of us to be proactive and vigilant. Learn how you can be cybersmart this National Cybersecurity Awareness Month at staysafeonline.org. Schedule your free intrusion test today for your business or contact Wolf Technology Group to learn how we can help keep your business secure. We provide full-service IT support from cybersecurity to user support. Learn more about our Managed IT Services.

Every employee can help prevent malicious cyber-attacks by establishing effective cybersecurity practices, which include digital and non-digital methods. Cybersecurity is an essential factor to the success of any business or organization and we strongly encourage collaborative efforts across all sectors to raise cyber awareness.