Don’t Click Unknown Links
The favorite tactic that hackers use to gain access to a network or workstation is phishing, which relies on a user clicking on a link or download that conceals a much more malicious delivery. While a spam blocker has likely stopped many phishing attempts already this year, it only takes one successful attempt to cause some serious productivity issues, if not worse.
Our best recommendation: don’t provide any sensitive information (personal or company-owned) in any form of message unless you know who it is on the other end beyond any doubt. There are substantial threats to your security out there, and phishing is the preferred way of introducing nastiness like identity theft and ransomware to your network. As so many negative impacts can come from phishing, resisting it in any and all ways possible is critical.
Strong Passwords are a Must
Ideally, this one would be a no-brainer at this point, but data breach after data breach has shown that password habits are nowhere near where they ought to be. Seeing as we’re discussing cybersecurity tips, it seems appropriate to review some fundamental password best practices.
A good password will have the following, to make it more difficult for either a computer or a hacker to guess:
- A mixture of majuscule and miniscule (also known as uppercase and lowercase) letters
- A mixture of alphanumeric characters (or both letters and numbers)
- Symbols included in the mix
However, some may find random combinations of characters difficult to remember—especially considering the number of different passwords every user should have nowadays. That’s why the passphrase is gaining traction as a good alternative. By compiling five or six random and unrelated words together, you can make a memorable credential that is remarkably difficult to crack.
Of course, this doesn’t solve the “too many to remember” issue, so we like to recommend the use of a reliable password manager in tandem with your use of passphrases. By saving your passwords in one of these convenient and securely encrypted programs, you can be sure that your passwords are safe and accessible while only needing to remember one for any amount of time.
Combining this approach with the use of two-factor authentication can boost your security even further by adding another requirement to access an account—a requirement other than a second password/phrase. With 2FA, a second proof of identity must be supplied, usually in the form of a code delivered via text or email or generated with a specialized application.
Always Use Secure Wi-Fi
While Wi-Fi seems so convenient, this convenience can be a real threat to your security. That’s why you need to ensure that your business’ Wi-Fi is fully secured, hidden from external view and fully encrypted. If your work should take you out of your office (and out of range of your secured Wi-Fi) you should use a virtual private network, or VPN, to secure your up- and downloads. You should only ever access a public Wi-Fi connection if you have an active VPN… to do otherwise is borrowing trouble.
Of course, not all VPNs are as good as others. However, if you equip your office with a comprehensive network security suite, the included VPN licenses should be enough to protect your data if you need to use an external Wi-Fi signal.
Cybersecurity is far from a simple matter, but it becomes far more complex when a user isn’t aware of their importance to the overarching protections that shield the business in question. For more information about your cybersecurity needs and the risks you face, subscribe to our blog, or give Level5 Management a call at (561) 509-2077.