Top 5 Cybersecurity Recommendations – Tech Tip for November 25, 2019
Today, there are lots of tools, recommendations, and FUD (Fear, Uncertainty, and Doubt) about cybersecurity floating around out there. Where does one start when it comes to building a robust security strategy?
To support you, this week we’ve put together a list of our current top 5 cybersecurity recommendations. TechWise Group CEO, Lauren Schwartz, and security expert, Shawn Lawson, have ranked the best practices that will help companies improve their security framework and protect themselves from potential cyberthreats.
We also reserve the right to amend this list as the cybersecurity landscape changes over time.
TechWise Group Top 5 Cybersecurity Recommendations
#5 – Patch Management (Patch it up!)
We’ve said it before and we’ll say it again: patching devices is critical. Like mending holes in jeans, a computer software patch fixes security flaws or any kinds of bugs in your system. It’s important to have a strategy in place to ensure you are regularly updating all your devices and software. And if possible, it is also extremely helpful to have a managed or automated solution or service in place to do this.
Here’s a list of what you should be regularly patching:
- Mobile Devices – phones, laptops, tablets, etc.
- Network Devices (both personal and work) – routers, firewalls, etc.
- Service Infrastructure – servers, applications, databases, etc.
- IoT – printers, security cameras, etc.
- Cloud Services – make sure that any Cloud Service Providers that you use have a strategy and practice of patching as well.
#4 – General User Practices (Be Cyber-Smart)
Stay vigilant at all times and make sure you are doing everything you can to mitigate security risks. You should make a habit of the following:
- Log off machines, portals, etc. when you are not using them.
- Practice good physical security of devices, credentials, badges, etc.
- Report suspicious activities to IT/IS as well as management.
- Adopt the principle of “least privilege” that ensures users only have access to the resources they need to perform their jobs. Users can request (and administrators can grant) access to the license and applications they require and nothing beyond that.
- Educate, learn – ask questions!
#3 – Antivirus/Malware/Threat Protection (Keep Viruses Away—Especially in Email)
We’ve already reviewed how to detect and protect yourself from phishing attacks. If you don’t want to be duped by a hacker, you should also implement antivirus software to prevent exposure to dangerous or harmful applications, programs, and software.
How to keep malware at bay:
- Implement Antivirus software for all your devices – this protects you from malware and phishing attacks. It is also important to understand that antivirus does not stop phishing emails from being sent to you; rather, it makes sure that phishing websites are blocked before loading online.
- Make sure you get Antivirus and Threat Protection for Email – get a solution that opens attachments and links/hyperlinks in a quarantine or sandbox. Basically, if you come across a file in your email that may be infected with a virus, this solution will make sure it is isolated in your storage so that it cannot contaminate other files.
- Consider getting a managed Antivirus and Threat Protection solution – Update and monitor your programs automatically so that employees don’t need to. This also makes sure that no individual can turn this service off (any exceptions must be enabled by an approved process).
- Threats evolve…evolve with them – Flesh out an Antivirus/Threat Protection strategy and continue to educate yourself on emerging cyberthreats.
#2 – Password Management (Don’t Let Hackers Crack the Code)
Password management is a key part of personal and corporate security, especially when it comes to privileged access or identity management (PAM or PIM). Privileged accounts are jackpots for cyber criminals. They will stop at nothing to gain access to your sensitive data and assets.
Here’s how you can follow good password practices:
- Use one unique password per account (meaning, do not use the same password for multiple accounts or sites).
- Do not share your credentials via sticky notes, email, or text. In fact, it’s best not to share your info at all. If you have a shared service or account, store those credentials in a password vault that can be accessed only by authorized users.
- Have a set frequency and length for passwords and refrain from reusing or slightly Make it easier to manage all your passwords by installing an application like a password vault or PIM/PAM solutions. This is the best way to prevent unauthorized users from accessing privileged accounts. It also simplifies password management for employees.
#1 – Multi-Factor Authentication (Add an Extra Layer of Security)
Multi-Factor Authentication (MFA) is the number one way to protect your credentials, devices, and data. It essentially adds an extra verification step that you must complete in order to access your account. Even if a hacker figured out your password, it is near impossible for them to log into your account if you use MFA because the system also requests a second and maybe third “factor” of authentication, such as a security token, your mobile phone, your fingerprint, or your voice.
Implementing multi-factor authentication gives you the most bang for your buck when it comes to cybersecurity. Almost all reputable services offer this for free, built-in or mandatory.