With all the statistical data on the increase in cybercrime, and the cost to businesses that fall victim to these attacks, cybersecurity is always top of mind. While it’s important to implement technology like antivirus software, data encryption, and a myriad of other tools to protect your company’s data, here are some steps your employees can take to help with cybersecurity.
1. Avoid unknown emails and links.
Phishing is the act of hackers sending emails that seem legitimate in the hopes of gaining access to your company’s systems. Employees should be very careful with attachments and links in suspicious emails. Most phishing emails are orchestrated through hackers impersonating reputable companies or employees. If you’re not sure about an email, contact your IT department immediately.
2. Use strong passwords.
There is some anxiety when it comes to remembering and updating passwords. Some make the mistake of taking shortcuts by reusing a slightly varied version of the same password. Employees need to avoid this as it can make the cyber criminal’s job of stealing passwords easier. A strong passphrase used as a password is best practice.
Here is a sample of UC Berkeley’s Passphrase requirements listed in order from strongest to weakest:
- 8-11 characters: mixed case letters, numbers and symbols (e.g., !@#$%^&*()_+|~-='{}[]:”;'<>?,./’space’)
- 12-15 characters: mixed case letters and numbers
- 16-19 characters: mixed case letters
- 20+ characters: no restrictions
Using something like the examples above can help in creating passwords.
*Note: Most companies use password management software that can generate unique passwords for all your accounts. 2Factor Authentication is a solution widely used to add another layer of password protection.
3. Connect to a secure Wi-Fi network.
Office Wi-Fi networks should be secure, encrypted, and hidden. If your employees are working remotely though, they may have to use an airport or hotel Wi-Fi network. In these instances you can help protect data by using a virtual private network (VPN) if your company has one. A mobile hotspot is also useful, as it will allow you to access the internet without having to use a public Wi-Fi network.
4. Secure your company devices.
Your laptop, mobile phone, and tablet are also susceptible to attack. At a minimum, you should follow the below reminders.
- Make sure your devices lock and can only be unlocked with a password or pin
- Do not download and install untrusted software on your company devices
- Be sure to update your mobile devices when prompted, including security patches
5. Train and educate your team.
Smart companies take the time to train their employees. While there should be a cybersecurity policy in place for all employees to review, it is best practice to provide continued training to your employees. This can be done using security awareness platforms like KnowBe4 and Barracuda PhishLine. The more your employees know, the better equipped they will be to identify and avoid cybersecurity risks.
Continue the Conversation
We continue to work at developing better ways to protect our client data through vendor relationships, employee education and internal IT diligence. If you have questions, please reach out.
*Content on this page contributed by Tevon Campbell.
