Go to Cyber Security Basics

Five simple actions should be on your fingertips.

1.?????multi-factor authentication is basic ask. It’s so easy to accidentally create weak points in your security. Single Sign On (SSO) is great for increasing productivity and user experience, but it can create massive havoc if the user login is breached as it opens the floodgates to multiple applications being at risk. Having that extra layer of protection and authentication with MFA can be that crucial layer of protection against attackers, like biometric, token, or user-generated input. ?

2.?????Can’t ignore Software update program. Companies don’t always make security updates as soon as they are released as they can often cause bugs which slows work down. But there needs to be a balance, especially with critical updates. Zero-day exploit is about patching vulnerabilities and making updates as soon as possible to avoid vulnerabilities. ?

3.?????Phishing is everywhere. There has been a lot of emails supposedly from sources purporting to be known sources (i.e., LinkedIn, your company domain) recently, that either ask to update your information, or alert to fraudulent activity. But on further inspection, it’s clear these are fake. Have everyone in the company undergo training for phishing to ensure that work devices are not at risk. ?

4.?????Strong passwords unless its password-less. Algorithms and programs used to breach passwords are a numbers game. How many combinations can they go through? Using special characters increases the number of combinations these tools need to try. Enforce a minimum level of password sophistication across the company. ?

5.?????Keep testing your own defense. This goes back to basic again where there was red team vs. blue team structure. This is first level of security readiness for a company to conduct penetration or vulnerability testing on a regular basis. Cybersecurity is continuous phenomenon. It’s something that needs routine checkups and testing as you do for your health.?