Top cyber security practices you need to start during National Cyber Security Awareness Month:
- Use strong, unique passwords
- Double up your login protection with multi factor authentication
- Keep updates current
- Be prepared with off-site backups
Cyber security applies to all internet-connected devices: If you can connect it, protect it.
This blog is part 1 of a 4 part series for National Cyber Security Awareness Month 2020. Check out our NCSAM kickoff blog here: “Why Cyber Security is More Important Than Ever.”
You are aware of the current cyber risks and want to make your internet-connected devices more secure. There are many cyber security options available, but what are the top cyber security practices you can start right now?
Cyber security doesn’t have to be complicated. By becoming cyber aware and taking action to protect yourself, you can achieve the cyber security protection you need.
At Proven Data, we are committed to helping you uncomplicate cyber security and #GetCyberSerious. Our cyber security experts have assisted thousands of clients with cyber protection and are ready to answer any questions you may have.
As a champion of National Cyber Security Awareness Month (NCSAM), we are dedicating the month of October to teaching you how you can Do Your Part and #BeCyberSmart. We want to take this year’s NCSAM theme to the next level and help you level up your cyber security protection.
Cyber security is our combined responsibility. The best protection happens when we work together.
Our NCSAM kickoff blog emphasized the need to raise awareness about the importance of cyber security. The next step is to provide you with access to the latest cyber security resources to help begin your journey of proactive steps to cyber security success.
The first NCSAM 2020 weekly theme focuses on protecting internet connected devices: if you can connect it, you can protect it.
By the end of this blog, you will:
Why is cyber security important?
Becoming cyber secure is more important than ever before.
Here are some cyber security statistics you need to know:
- 92% of U.S. survey respondents reported an increase in the number of cyber attacks in the last 12 months according to the 2020 VMware cyber security threat survey.
- Hacker attacks occur every 39 seconds according to a study conducted by the University of Maryland.
- In 2019, the Internet Crime Complaint Center (IC3) received 2,047 complaints identified as ransomware with adjusted losses from ransomware attacks totaling over $8.9 million.
Fortunately, business leaders are discovering the need to improve their cyber security. 95% of surveyed CIO’s, CTO’s and CISO’s in the VMware threat survey reported that they are planning to increase cyber defense spending in the coming year.
Is cyber security protection worth the cost?
Investing in cyber security doesn’t have to break the bank. The average cyber security budget ranges from 5% to 20% of an organization’s IT budget. On the other hand, in 2019, cyber crime in general cost U.S. businesses an overall sum of more than $3.5 billion according to the FBI’s Internet Crime Report, with the average cost of a data breach reaching 3.92 million according to IBM’s 2019 Cost of a Data Breach Report.
These numbers indicate that the cost of cyber security is worth the protection it provides. If you are looking to implement a comprehensive cyber security program, you may want to consider the pros and cons of hiring an externally managed cyber security service.
However, there are proactive steps you can take to begin practicing better cyber security without paying a cent.
Top cyber security practices to start during NCSAM 2020
Below you will find an outline of the four simple practices that can immediately improve cyber security on your internet-connected devices.
1) Create strong, unique passwords
You’ve probably heard about the importance of using good passwords a time or two. But how good is your password game?
On average, employees reuse passwords 13 times according to the 2019 Global Password Security Report by LastPass.
We don’t blame you for reusing passwords (who among us has not been guilty of using and reusing the name of our favorite pet or ice cream flavor in our login credentials at one point in our lives?). But today, we want to show you a better (and easier!) way to create, use and remember strong passwords.
In one sentence: passwords are designed to keep your account safe from unauthorized access.
Strong passwords can block unauthorized account access gained through common attacks including:
You may not think your account contains any information that a cyber criminal might want. However, if an attacker gains access to one of your accounts due to a weak password, this can lead to further access and potentially catastrophic attacks on more critical accounts and information.
Strong passwords should be used on all devices and accounts. Remembering complex character combinations for each of your accounts can be difficult, but there are tools to help you.
We generally recommend the following password creation best practices:
- Don’t use something you can find in the dictionary
- Use at least 16 characters
- Use combination of uppercase/lowercase letters, special characters, and numbers
You can also use a free password generator to help you create passwords.
Using a password management tool can also make your life easier and cyber crime harder by allowing you to generate, use and store complex, uncrackable credentials efficiently.
Downloading an online password management tool can help you begin utilizing complex passwords for numerous accounts safely and securely.
Using strong passwords is an immediate improvement to your cyber security hygiene, but keep reading to find out how to increase the strength of your account protection even further.
2) Double up your login protection with multi-factor authentication
Creating strong passwords is the first step, but using two factor authentication or multi-factor authentication (MFA) is an easy way to double up your account security.
Don’t let the terminology throw you off; multi-factor authentication is simply a method you can use to add an extra layer of security to protect your user credentials and accounts.
There are several MFA methods including the use of:
- Token codes – one-time codes generated by applications or sent via text or email
- User knowledge – username, password or answers to security questions
- Physical items – device that receives a token code or a USB security key
- Biometric identification – fingerprint or facial recognition software
Each of these methods provides an additional layer of protection if your password is discovered through the attacks mentioned above.
Implementing MFA can be as easy as installing an application, but there are various authentication tools available.
If you are using remote desktop protocol (RDP) regularly, you might want to consider something like Duo, which adds two factor authentication to your Windows user logins. We also created this easy-to-follow video that showcases how to close RDP on Windows 10.
Many platforms like social media, email and cloud accounts have the option to turn on MFA, but it is up to you to make sure this feature is activated.
Activating MFA is one small step for you, and one big step towards preventing cyber attacks. Take the extra step, stop to authenticate and help prevent a cyber attack from affecting you.
3) Keep your updates current
Any internet-connected device is at risk for a cyber attack. If you can connect it, you can protect it and one of the ways to ensure you have the best protection measures in place is to have a regular update schedule.
Common software like Windows and macOS has security measures in place, but they cannot provide proper protection unless automatic updates are enabled.
This is where it is crucial to do your part and not ignore those pesky update requests.
We understand you have a million things to do, but taking the time to enable automatic updates and follow through with updating your software and operating systems could save you the work interruption time and cost of recovering from a cyber attack like ransomware.
Any device you connect to your network or software you install can be exploited to gain unauthorized access. Any software and some hardware you use on your network should follow a regular update schedule. This includes firmware updates and security patches.
Cyber criminals are skilled at finding gaps in security protections exposed by out of date software. By continually updating your devices with the click of a button, you can ensure you are taking advantage of the technological advances designed to protect you and keep you one step ahead of cyber threats.
4) Be prepared with backups
Backing up your data the right way is a crucial step to making sure your data is recoverable in the event of a cyber attack. On-site backups are still a common method organizations utilize as their sole backup practice.
On-site backups are not the optimal solution for the following reasons:
- If an attacker accesses your network and the backups are plugged in, they can inflict ransomware on the backups
- Your data is not protected in the event of a catastrophic event (fire, flood, etc)
- The storage device can fail
If you choose on-site backups, you should adhere to the following best-practices:
- Always unplug the backup from the network when you are not performing a backup operation
- Keep multiple copies of the backups
- Periodically test the external hard drive for errors
Off-site backups are much safer than relying on a device connected to your network. When backing up your data, make Maya Angelou’s famous words your philosophy: “Hoping for the best, prepared for the worst, and unsurprised by anything in between.”
Don’t let yourself be surprised by a cyber attack. Regularly backing up your data off-site can ensure your data is recoverable from damage, including:
- Hacker attacks
- Malware and ransomware attacks
- Hardware and software failure
- Media faults
- Power failure
- Human error
- Catastrophic events
An easy way to remember how you can create efficient backups is by following the 3-2-1 backup protocol.
Don’t leave yourself vulnerable to data loss due to ransomware attacks that target storage devices connected to your network. Always keep multiple backups that are off-site or offline.
Next steps to comprehensive cyber secure protection
Now that you know the top cyber security practices you need to start using today, what else can you do to get cyber secure?
At Proven Data, we are committed to providing you with the knowledge you need to be cyber aware and the steps you need to take action. By working together, we can help you #GetCyberSerious and achieve the comprehensive cyber security you need to stay safe online.
Next, learn why cyber security products and service are an important aspect of protecting your devices and data at home and work.