Below are five practices you can implement today:
Protect your passwords
While it may seem like a nuisance, it’s extremely important to listen when your accounts tell you to make a new password. When you regularly update your passwords — especially to different, complex, and impossible-to-guess combinations of letters, numbers, and symbols — it lessens your likelihood of exposure.
Some accounts will lock you out if you do not comply with new password prompts, which can in turn slow down your workflow and cause you to submit otherwise unnecessary IT tickets. Changing your safeguards when prompted or even beforehand can help streamline your process while also keeping your company’s online infrastructure safer.
Where you keep your passwords is also critical. It’s best to never write them down, whether that be physically on paper or in a file somewhere on your computer. If you insist on keeping a written record of your passwords, keep it somewhere safe — that means don’t leave a Post-It note with this sensitive information right next to your monitor or in a place easily accessible by a bad actor.
You can also use a password manager to generate new, random passwords for all the sites you visit and store these credentials in a secure virtual vault. The password manager automatically fills in your login name and password for you when needed, is easily integrated with most browsers and operating systems, and can be safely used across multiple devices.
It only takes one person to compromise an entire system, and a single breach can cause a company to lose crucial public confidence.
Speaking of passwords, implementing multifactor authentication on your email and other accounts can help prevent cybercriminals from infiltrating your network and putting your clients and colleagues at risk.
Multifactor authentication adds an extra layer of protection by having the returning user enter credentials beyond just a username and password. This could be a security code sent via text to a mobile phone, email, or an authentication app.
While a thief may be able to steal the username and password, it’s far less likely they would have also gained access to a user’s mobile phone to receive a security code and complete the process.
If you get an unprompted notice to verify an attempted login, you can alert IT of potential fraudulent behavior and potentially prevent a breach or other major issues.
Now that your accounts are more protected, it’s time to routinely back up critical files to external sources, either online as part of a cloud storage service or a similar product or saved on an external disk.
Encrypting backed up files adds another layer of protection.
Knowing you have your sensitive information saved away somewhere that you can easily access not only gives you peace of mind but will also save you the hassle of contacting IT when something accidentally gets deleted or seemingly disappears.
Anti-virus software scans computer files or memory for certain patterns that may indicate the presence of malicious software, or malware. It is important to keep this software updated and regularly scan your entire computer to prevent a myriad of issues which could compromise your computer or your organization’s network.
Most anti-virus software can be configured to automatically scan specific files or directories in real time and prompt users at set intervals to perform complete scans. However, users can and should also manually scan files and media received from an outside source before opening them.
Strong security software should protect against spyware, a category of malware intended to steal sensitive data and passwords without the user’s knowledge. It is crucial to never click links within pop-up windows, download “free” software from a pop-up, or follow email links that offer anti-spyware software. These links and pop-ups will most likely install the spyware they claim to eliminate.
Virtual private network
Using an encrypted virtual private network (VPN) allows for a more secure connection to transmit data between a remote user and the company network. VPNs that use multifactor authentication add yet another layer of protection.
This is especially important for remote workers — who often have sensitive information on their devices and can be more difficult for IT to assist — but can also benefit those working in the office.