Cybersecurity is at the top of the list of concerns for businesses. Cyber attacks seem to be occurring more frequently than ever and taking down businesses throughout the world. For many businesses, a cyber attack or security breach can quickly impact business compliance with significant IT compliance regulations. Even companies with enterprise level IT support can benefit from easy and much needed IT security safeguards. Here are three easy ways to help you safeguard yourself against a cyber attack that literally take only five minutes.
1. Change Your Passwords
IT professionals say it all the time - change your passwords...OFTEN! This fast and easy step can save you from a cybersecurity threat. Set aside time to update your passwords on all of your accounts. Experts agree that you should have different passwords across all of your accounts. This ensures that if one of your accounts is hacked, the bad guys have access to only one account, and not all of them.
Forget all those tough passwords too! The National Institution for Standards and Technology (NIST) recently implemented new password guidelines to help keep you protected. They suggest keeping passwords simple, long and memorable. Phrases, lowercase letters and typical English words and objects are suggested when creating passwords. This is a change from NIST's original recommendations that suggested using unique characters and a mix of lower and uppercase letters. NIST contends that these longer passwords are harder to crack because they are cryptographically harder to figure out.
Remember, once the baddies have your password, they can impersonate you to send personal emails to friends, family and co-workers and get MORE information. If they get your social media passwords, cybercriminals can find even MORE sensitive information. So change your password often, and the longer it is, the better!
2. Think Before You Click
The most common cybersecurity breaches happen quite by accident. An email from an old friend or an update to your most often used software comes across the screen. Most people just click on the email or link without really thinking. These emails are known as social engineering and are set up to look like they are from a trustworthy source. Before you click on that email or link though, here are a couple of tips to check first.
- Check all of the hyperlinks - Take your mouse and hover over the hyperlink in an email. The actual link will appear. Make sure that the hyperlink matches the URL you land on after clicking. Let's say, for instance, you receive an email from your bank. Hover over the hyperlink in the email and make sure it matches that of your bank. If it doesn't, DON'T CLICK IT!
- Check who sent the email - Just as you can hover over hyperlinks to see URLs, you can hover over a name in the from field and see who an email is from. Let's say your friend Joe Smith emails you, and you know his email is firstname.lastname@example.org. When you hover over his name, make sure that's the email it's coming from. If it's not, or you aren't sure, delete the email and move on. If it is that important, Joe will call you or maybe text. Better safe than sorry.
3. Install Updates
Have you ever left your computer on for like three weeks straight, and then you decide to finally power off one night. The next morning when you arrive at work and turn the computer on, it takes 20 minutes to boot because it has to install 42 updates that you've not yet installed in the last three weeks. The fact is that these updates are essential to your protection against a cyber attack. Sure, some updates provide you with a cool new feature, but many times, those updates are upgrading security to protect your network. New malware comes out every single day, and having outdated security software is as bad as having none at all. So keep running those updates!
Non-updated software is a vulnerability for your network. Cyber bad guys can exploit those vulnerabilities by writing code that targets these specific non-updated software instances. That's because you're not the only one who didn't run the updates. Lots of people don't do it. So the one of the easiest ways to get into your network is to target those who haven't run updates. Once they're in, cybercriminals will steal data and take control over your computer and personal information. So we'll say it again...RUN THE UPDATE!
For more information on IT security risks and how to protect your company's assets, contact us today at email@example.com.