October is Cyber Security Awareness Month, and we’re sharing these Core 4 Cyber Security Practices that anyone can do to improve their online safety.
The National Cybersecurity Alliance (NCA) – a nonprofit organization committed to “creat[ing] a more secure, interconnected world” – leads a collaborative effort between public and private governments and organizations to educate and protect against cybercrime.
This month serves as a call to action to refresh our knowledge of best practices for staying safe online. We’re dedicating this October’s blog post to sharing what the NCA has identified as the “Core 4” practices that anyone can do today to improve their cybersecurity position.
Every October, the NCA prepares a list of small actions that can give our online safety a boost. This year’s theme is elegantly simple. Focus on the Core 4:
The level of interconnectedness in every aspect of our lives and prevalence of large-scale cyberattacks may feel too big for the average technology user, but there are still little things that each of us can do to stay protected.
Creating a strong password is not only your first line of defense, it’s also one of the most effective tools that you have to protect your accounts from cybercriminals.
To reduce the risk of a data breach, we recommend creating passwords that are at least 16 characters long and include a mix of upper- and lowercase letters, numbers, and special characters.
We all want to keep things simple, but when it comes to passwords, resist the urge to use one password across multiple accounts. It’s one of the most common password mistakes that our IT team sees. Never reuse passwords across platforms.
Additionally, instead of using the names of family, pets, or other “favorite things” that a hacker could easily identify after spending 10 minutes trolling your social media pages, try creating simple phrases with a combination of characters that you can easily remember such as ImaCyb3r$ecurityNinj@!
We understand that generating and keeping track of multiple, complex passwords can be a challenge. Password managers can make it easier to safely generate and manage all your passwords. To help simplify the process, we recommend using a password manager like Keeper to help you generate and securely store all your passwords.
It’s easy to think of multifactor authentication as another hoop you have to jump through to log into a site. However, we like to flip the script on MFA by thinking of it as two extra deadbolts and a chain on the doorway to your online data.
Multifactor authentication adds additional layers of protection by requiring a second form of verification before granting access to your data. With MFA, the user is asked to confirm their identity through a text message prompt or authentication app code, along with their password.
Other forms of MFA include bio scan features such as fingerprint or facial recognition. If you’re looking for an alternative to using biometrics, you can also use a physical security key instead.
Security keys look a lot like USB sticks and provide an even higher level of protection than MFA. After attempting to log in to an account, you’ll be prompted to insert the physical key which is then validated before access is granted. Because the use of a physical key is required, it’s an extremely difficult barrier for cybercriminals to breach.
Whichever option you decide to use, enabling MFA on all of your accounts greatly reduces the risk of unauthorized access, even if your password is compromised. Although it adds another step to the login process, the added security it provides is invaluable.
It’s time to go on the offensive. Phishing scams are designed to deceive you into revealing personal information or downloading malicious software.
Although it’s a significant shift in thinking, it’s okay to be suspicious of unexpected emails or messages, especially those asking for sensitive details or pressuring you into immediate action. When you receive a suspicious email, take a moment to verify that the sender’s email address matches the company’s they claim to represent. Does the message contain typos or seem out of character with the company’s brand. It’s a good practice to always verify the sender’s identity before responding or clicking on any links.
Don’t just ignore and delete phishing emails and messages ; go on the offensive and report them. If you receive a suspicious email at work, report it to your IT manager. If the message was received through your personal email or social media accounts, report it to your email provider or social media platform support team.
With unsolicited emails or messages, it’s important to remember to use caution – never click on links, even unsubscribe links which can also be malicious. After you’ve reported the suspicious emails, block the sender and delete the message from your inbox and trash.
Hackers can be extremely aggressive and sophisticated in their approaches to gaining access to your personal information. It’s such an important topic that we dedicated an entire blog post on how to identify and combat phishing attacks. To learn more, check out our post titled, 6 Easy Ways to Combat Phishing Attacks, Improve Security.
One of the easiest things you can do is to keep your software up to date. Outdated software is a common target for cybercriminals who exploit security vulnerabilities in older versions. Regularly updating your operating systems, apps, and software ensures that you have the latest security patches in place.
Although October marks Cyber Security Awareness Month, staying informed and vigilant all year can significantly reduce your exposure to cyber threats.
Other important, but often overlooked steps you can take to improve your cyber security position include:
Share with Care – Whether you are posting to social media or emailing with another person, take a moment to think about the information you are about to share. Who will see it? If your account is marked “public”, do you want everyone to know that you are out of town on a month-long vacation in Europe? Could the information you are sharing reveal personal information like a snapshot of your passport, your garage access code, or some other piece of protected information?
Check Your Privacy and Security Settings – It’s a good habit to regulary review and adjust the privacy and security settings on all your devices. Does that game app really need acces to your contact list? Are your social media profiles viewable by the public or just friends? Do you have unused apps, games, or other platforms that you don’t use and could delete?
We recommend doing a quarterly audit of your device’s settings and adjust accourding to your comfort level for information sharing.
Back it Up – Regular backups are essential for protecting your data. In the event of a cyberattack, such as ransomware, having an up-to-date backup allows you to recover your files without paying a ransom or losing valuable information. Ideally, you should have your important files backed up multiple ways. We recommend using both an external hard drive and a secure cloud service for redundancy.
Don’t Reply to Mistaken Text Messages – Those mistaken text messages could be a scam. If you receive a text from an unknown number asking seemingly innocent questions such as, “How are you?” or “Can you recommend a good plumber?” are a newer tactic that scammers are employing to get you to engage.
The criminal is counting on you being polite and replying. What then transpires is a slow-play scam that can play out over the course of weeks or even months with the intention of building a relationship with the victim. These types of scams usually end in the scammer asking for money or claiming to let you in on an amazing investment opportunity that they want to share with you.
Not responding, reporting unsolicited spam texts to the Federal Trade Commission at ReportFraud.ftc.gov, and deleting the text is not being rude. It’s being smart.
Use a Secure Device and WiFi Network – Public WiFi may be convenient, but it can leave you exposed to cybercriminals. We recommend the following steps for staying protected:
By integrating these cybersecurity tips into your daily routine, you can bolster your online security and significantly reduce the risk of becoming a victim of cybercrimes.
At Smart Homes Smart Offices, our technology service experts are dedicated to providing you with proactive advice and effective solutions for all your IT needs. We offer three different levels of IT support, each providing a comprehensive range of services. To learn more, contact us today to speak with an IT specialist.
For more smart content, follow us on Facebook, Instagram and Linked In.
