7 Best Practices for a Cyber-Secure Holiday Season
IT Security is front and center in the minds of business professionals today. But with so many options between recommendations, software and hardware to put into place, it can be pretty overwhelming for anyone.
So to help simplify some of the more common issues I’ve encountered, we’ve listed seven straightforward best practices you can start applying today to help make this coming holiday season a safe and secure one for you and yours!
1. Know That You are A Target
Many people view themselves as too small to be targeted by malicious groups. “Why would they want my data?” “Why would they want to hack ME?” The problem with this perspective is that hackers are looking for the low hanging fruit to gain a foothold into a computer or mobile device. They are not likely to start with an all-out brute force attack on your data center. That is a more time consuming and expensive task and they would much rather compromise one of your devices than spend all of their resources trying to crack your IT systems.
Once people understand that they are a potential gateway for intruders, they are much more likely to take their own security more seriously. The goal here is not to cause paranoia, but to help folks understand that the bad guys want to keep costs down just like you, so they are looking for the path of least resistance.
2. Understand What Makes Passwords Secure
The length of passwords contributes to their security far more than the complexity of characters.
“MyDogIsMyBestFriendAndHairy” is much more secure than “#~_!~$@!.” Plus, it’s easier to type! When a malicious attempt is made to guess a user’s password, it is easier to guess a short password with seemingly complex characters. The longer the password, the harder it is to crack.
The best practice here is to create a passphrase or sentence that you alone will know. There are dozens of articles that offer tips for creating strong and memorable passwords. The most common is to take a sentence and turn it into a password.
3. Use Different Passwords for Outside the Office
Best security practices seem to get in the way of productivity. It is much easier to remember a single password and use it everywhere; however, you shouldn’t use the same password at work that you do for external sites. If a website or business outside of yours were to be compromised and passwords exposed, a hacker could instantly have access to the same password that you use to sign on to your work resources.
Compromised user credentials account for 95% of data breaches across the world. There are few best practices that make for safer data and computing than maintaining good passwords.
4. Use a Password Management Application
Password management tools like LastPass and KeePass, provide a secure place to store your passwords instead of writing them down on paper or in a Word document. These and other tools store your information encrypted securely in the cloud, and they can interact with your web browser to provide a safer Internet experience. LastPass even has free integration on iOS and other platforms.
5. Use Biometrics When Possible (They’re Already Available!)
Many devices have options for biometric security to add another layer of safety for your data. Fingerprint recognition is a fantastic multi-factor authentication option. Your mobile device may already support it. Set aside some time (15 minutes at most) to view your device’s settings and enroll your fingerprints for greater (and easy) security.
App developers are catching on to this, as well. Microsoft Outlook can make use of fingerprint security to open the app on your mobile. Accidentally leave your phone unlocked? No problem, Outlook is still secured by fingerprint ID technology.
6. Check to See if You Have Been Compromised
Wouldn’t you like to know if one of your email addresses has shown up in a data breach? Leading security expert, Troy Hunt, provides a resource for you to check on this very thing.
You can visit https://haveibeenpwned.com and type in your email address to verify whether your email is part of any known data breach. It is a safe and free tool to check on your own Internet safety.
7. Beware of Holiday Email Scams
Holidays usually include lots of fun and lots of SHOPPING. Be sure to double-check the source of emails that come to your inbox claiming to include great deals or discounts for the holiday rush. An extra beat or two in checking the sender and verifying any links or attachments will go a long way toward a safe and happy E-holiday!
Chad R. Voller?>
CISSP, CISA, PMP, ITIL, MCP
About the Authors
Stay up-to-date with the latest news and information delivered to your inbox.