Cybersecurity Awareness Month highlights action steps everyone can take.
As Cybersecurity Awareness Month draws to a close, Pax8 is sharing insights and tips on how to protect against the financial and reputational consequences associated with increasingly sophisticated cyberattacks.
The theme of 2022’s Cybersecurity Awareness Month is “See Yourself in Cyber” which applies equally to IT professionals who have a passion for protecting organizations and to individuals who can see themselves as an important first line of defense.
Here are four tips anyone can learn and practice, especially those who spend hours every day using their computers and mobile devices for business and personal use.
Enable Multi-Factor Authentication (MFA)
MFA increases security because even if one credential becomes compromised, unauthorized users will be unable to meet the second authentication requirement and will not be able to access the targeted physical space, computing device, network, or database.
MFA is a layered approach to securing your online accounts and the data they contain. When you enable MFA in your online services (like email), you must provide a combination of two or more authenticators to verify your identity before you are granted access to that online service.
Using MFA protects your account more than using a username and password, because even if one factor (like your password) becomes compromised, unauthorized users will be unable to meet the second authentication and even third requirement, ultimately stopping them from gaining access to your accounts.
Use Strong Passwords
A strong password provides essential protection from financial fraud, identity theft, and leaving the “doors and windows” unlocked if an attacker is attempting to tunnel into your organization’s systems and databases.
One of the most common ways that hackers break into computers is by guessing passwords. Simple and commonly used passwords enable intruders to easily gain access and control of a computing device.
There are key points of password security that users must know to reduce the risk of a hacker cracking their password and gaining access to their device. (The same holds true for Personal Identity Numbers, or PINs):
- Passwords must be long and complex.
- Passwords should contain at least 10 characters and have a combination of characters such as commas, percent signs, and parentheses, as well as upper-case and lower-case letters and numbers.
- Users should never write down their passwords, as that makes it easier for the passwords to be stolen and used by someone else.
- Users should never use the same password for two or more devices, as hackers who break into one machine may try to use the same password to take control of others.
Recognize and Report Phishing
Cyber criminals use email or text messages to try to steal your passwords, account numbers, or Social Security numbers. If they get that information, they could get access to your email, bank, or other accounts. Or they could sell your information to other scammers.
Phishing emails and text messages often tell a story to trick you into clicking on a link or opening an attachment. You might get an unexpected email or text message that looks like it’s from a company you know or trust, like a bank or a credit card or utility company. Or maybe it’s from an online payment website or app.
The message could be from a scammer, who might say they have noticed some suspicious activity or log-in attempts and ask you confirm personal or financial information.
Email spam filters might keep many phishing emails out of your inbox. But scammers are always trying to outsmart those filters, so extra layers of protection can help. Here are four ways to protect yourself from phishing attacks.
- Protect your computer by using security software.
- Set the software to update automatically so it will deal with new security threats.
- Protect your mobile device by setting software to update automatically.
- Protect your accounts by using multi-factor authentication.
If you got a phishing email or text message, report it. The information you give helps fight scammers. You can forward the email to the Anti-Phishing Working Group at [email protected].
If you got a phishing text message, you should forward it to SPAM (7726). You can also report the phishing attempt to the Federal Trade Commission on the FTC website.
Update Your Software
Automatic updates can prevent security issues and improve compatibility and program features. Software updates are necessary to keep computers, mobile devices, and tablets running smoothly, and to provide new and better features, but they also address recent security vulnerabilities.
By following these four practices, you can protect yourself and the organization you are a part of.
The Pax8 Marketplace Features Security Vendors and Expertise
Cybersecurity Awareness Month was established in 2004 by U.S. government agencies to promote awareness and encourage individuals and organizations to learn how to protect themselves from cybercrime.
The Pax8 Marketplace offers curated security solutions for MSPs, and this new Pax8 Cybersecurity Hub for MSPs is a one-stop security experience, featuring vendor trainings, on-demand courses, compliance frameworks, and expert highlights. Pax8 CTO Scott Chasin, who has spent his career in cybersecurity, talks about the current state of cyber threats for businesses today in this new video: Is Your Business Prepared for Modern Cyber Threats?