In the interest of keeping your company safe from opportunistic and targeted attacks, we’ve compiled a list of quick defenses.
1. Train your employees. Employees are your number one risk.
The question is not, “Will your employees get your company hacked?” but rather “When will your employees get your company hacked?” While employee actions can circumvent almost every security control you have invested in, security awareness training is critical to prevent your employees from being your number one risk. Users are often the last line in your cyber-defense efforts, and there is no patch for people wanting to be helpful or wanting to do the right thing.
In this podcast, I explain why ongoing employee security training is crucial to ensuring employees know how to spot a hacking attempt, ultimately protecting your organization from a potential cyber-attack.
Listen to my Podcast Now
Key takeaways:
- Reasons why employees often do not realize how important they are to the process
- How not enabling multi-factor authentication on remote access to email allows hackers to easily access employee email accounts
- Why 91% of cyberattacks begin with a spear-phishing email
- The importance of having strong passwords for employees
- Why backing up data is a must for protecting against cyber-attacks
Subscribe to the Cybersecurity Sense Podcast on iTunes.
2. Enable two-factor authentication.
Added layers of security are always a plus. Two-factor authentication consists of two different forms of identification. A factor can be:
- Something you know (a password, PIN code, or security question)
- Something you have (a phone, key fob, or card)
- Something you are (a biometric factor such as a fingerprint or voice recognition)
This second level of authentication strengthens any login and gives you more peace of mind.
3. Use a VPN.
A VPN (virtual private network) is a great way to avoid possible attacks while using public WI-FI. The network acts as a middleman, securing your data and changing your IP address. You’ll browse on public WI-FI without fear of hackers using the opportunity to steal your information.
VPNs are ideal for employees who work remotely or who travel for work frequently. There are both free and paid versions of VPNs available. Take the time to research the networks that fit best for your company’s needs.
4. Install security updates.
Without fail, security update windows pop up right in the middle of that important project you’re working on. The remind-me-later button is nearly a reflex, making sure it doesn’t slow you down. After all, you will remember to update when you’re done. Won’t you?
We’re all human. Unfortunately, that means we’re all forgetful. When the pop-up comes back, we’ll be right in the middle of something important again, and the cycle continues.
Your computer’s security, and ultimately your company’s security, depends on simple vulnerabilities being fixed. A hacker could take the most insignificant vulnerability and turn it into a serious security incident.
Take a moment to save your work and install the updates.
5. Use strong, varied passwords.
This is perhaps the simplest of the five tips. A strong password helps to protect you from a hacker guessing your credentials. We tend to use passwords that contain words easily found in a dictionary or maybe our pet’s name. It’s understandable because we like to choose something we know we’ll remember.
As easy as it makes it for us to remember, this method makes it even easier for a hacker to guess your password and access your personal and work information. Even worse, if they guess that password, and you’re using the same one for multiple accounts, they now have easy access to a multitude of information.