Cybersecurity: Four Tips
This month, we are going to share the four things you should do right now to protect your digital self. It’s time to remind ourselves that cybersecurity isn’t just the responsibility of large companies with massive amounts of customer data, it’s also our responsibility – mine, yours, and all of ours. In all situations it’s critical to be aware of and attempt to prevent cyber threats. It sounds daunting, but it really doesn’t have to be.
This year, the Cybersecurity and Infrastructure Security Agency (CISA) is calling for the general public to “See Yourself in Cyber.” The mission is to help individuals protect themselves online as threats to technology and confidential data become more commonplace. The theme “See Yourself in Cyber” demonstrates that while cybersecurity may seem like a complex subject, ultimately, it’s really all about people. We are working together to make smart decisions on the job, at home, and at school to become more cyber-aware. The best part is that instead of rolling out a lengthy to-do list, CISA is asking that we focus on four key steps to do our part this month. Share these objectives with your family, friends, and community to become part of the solution.
Four steps you can take to see yourself in cyber.
Step 1: Enable Multi-Factor Authentication (MFA)
Multifactor authentication is login process to make it more difficult for an unauthorized person to access your accounts. It requires two or more independent credentials, such as something you know, a password, and something you have, your mobile phone. Before a login is complete, a code is sent to your mobile device and requires you to input the code, thus proving you have access to the registered device. MFA has other variations and is one of the top ways that financial institutions, companies, and security experts provide consumers with the ability to protect their information online, which would require hackers to not only steal your password, but also your phone, or to gain access to another account, such as email, to break through your cybersecurity walls. This additional layer of security makes it exponentially more difficult for the bad guys to access your personal information and accounts. Using MFA is a simple step that can keep you from becoming the next victim. MFA is generally available to protect financial accounts, email accounts, and social accounts but is often optional, so if you don’t use MFA, check to see if it is available and be sure to enable it!
Step 2: Use Strong Passwords
Passwords are quite literally the key to your personal information. It is the safeguard to your online profiles and the often highly sensitive information that you provide in order to engage with online businesses. The problem is that criminals are intent on discovering your passwords, even using sophisticated technology to try to “crack” the code. The best way to ensure your account is difficult to crack is to have a complex password (i.e. upper and lower case letters, numbers, and symbols) that does not include things like your name, your date of birth, or the word “password.” It is shocking how frequently these easily guessable words are included. The average American consumer has over 100 web services that require a password. Typically, this means they are using the same passwords over and over, across a myriad of platforms. If there is a breach of a single vendor website and your password becomes known to the criminal black market, it can be used to try to hack into your other accounts. Having a unique password that is full of seemingly random letters, numbers, and symbols is the best way to ensure hackers can’t get into your accounts using data they can easily find on the internet. Further, changing and updating your passwords on a more frequent basis can help ensure your accounts remain secure. As explained above, in addition to a password make sure you have Multi-Factor Authentication enabled on your online accounts whenever available.
Step 3: Recognize and Report Phishing
It can be hard to tell if you are the victim of a phishing scam until it’s too late. Many companies are providing training to their employees to help mitigate this type of attack in the corporate world, and those same tips apply to your personal accounts. In this article, the Federal Trade Commission offers some examples of the types of emails and text messages that you should look at with a critical eye before taking any action, including:
- Messages that say they’ve noticed suspicious activity or log-in attempts on your online accounts
- An email claims that there’s a problem with your account or your payment information
- A message that says you must confirm personal information
- Any message that includes a fake invoice or other document
- A request to click on a link to make a payment
- Messages that say you’re eligible to register for a government refund
While these messages can be legitimate, it’s important to stop and look at them critically first. Further, the United States Cybersecurity and Infrastructure Security Agency has stepped up their ability to track down these types of scams. The Anti-Phishing Work Group has been created to report suspicious messages. They also have great resources to help businesses and consumers identify scams such as these.
Step 4: Use Biometric and Passwords to Protect your Devices and Keep your Software Up to Date
Computers, tablets, and phones can open the door to large amounts of personal information including our online activities, credentials for logins, and banking and financial information. Unfortunately, it’s this information that can make us vulnerable to attacks. Imagine using MFA to protect your accounts, only to lose your phone – leaving just a single password between a thief and your email, apps, and personal photos and files. If you set up facial or fingerprint recognition on your device, or you require a password to open your phone you have put another obstacle in between you and a fraudster intent on doing you harm. In addition, make sure you frequently update software on your phone, tablets, and computer to help keep your personal data secure. Thieves don’t rest. They are constantly looking for new and more successful ways to steal your information. In order to keep up, software providers must push out frequent updates to thwart criminal activity. Allowing software to automatically update or enabling reminder notifications will help you maintain the most up-to-date software, protecting your devices and your identity!
It’s important to take basic steps to protect yourself online. As an individual, check your passwords, ensure you have enabled MFA where available, keep your software up to date, and be on the lookout for phishing scams. If you own a business, put cybersecurity measures in place to protect yourself and your employees as well as your clients and customers. For those who operate critical infrastructure, learn how your role impacts others and what you can do to protect those you serve. And if you are interested in exploring a new career field, the future holds a massive demand for workers with technical skills to solve existing and upcoming cybersecurity issues. Look into where your interests might overlap with this ever-expanding opportunity.
*Content provided by NXG Strategies