When it comes to protecting your business’s sensitive information, you can’t be too careful. This is an area where going the extra mile and taking extra steps to be secure is worth it.
Here are ten cybersecurity tips, free and easy to implement, that your business can put in place today:
1. Adhere to NIST’s password guidelines
NIST, the National Institute of Standards and Technology, has a set of cybersecurity standards for passwords that can be very useful for all devices. A few of its password requirements are very simple to follow:
- Set an 8-character minimum length.
- Change passwords only if there is evidence of compromise.
- Screen new passwords against a list of known compromised passwords.
- Skip password hints and knowledge-based security questions.
- Limit the number of failed authentication attempts.
NIST has several further password recommendations that can be applied to your business. More information about NIST Guidelines and NIST Password Standards can be found in the links below.
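An added example (not from the original article or from NIST) showing how three of the rules listed above could be enforced at sign-up and login: the 8-character minimum, screening against a compromised-password list, and limiting failed attempts. The blocklist entries, the five-attempt threshold, and the 300-second lockout are assumptions made for illustration.

```python
import time

MIN_LENGTH = 8            # minimum length from the list above
MAX_FAILED_ATTEMPTS = 5   # assumed threshold; the article gives no number
LOCKOUT_SECONDS = 300     # assumed lockout window

# Constructed sample blocklist; a real deployment loads a large breached-password list.
COMPROMISED = {"password1234", "password", "12345678", "qwertyuiop", "letmein123"}


def check_new_password(password, blocklist=COMPROMISED):
    """Return a list of policy problems; an empty list means the password is accepted."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("too_short")
    # Compare case-insensitively so "Password1234" matches "password1234".
    if password.casefold() in blocklist:
        problems.append("known_compromised")
    return problems


class AttemptLimiter:
    """Counts consecutive failed logins per account and locks it after too many."""

    def __init__(self, max_failures=MAX_FAILED_ATTEMPTS,
                 lockout=LOCKOUT_SECONDS, clock=time.monotonic):
        self.max_failures, self.lockout, self.clock = max_failures, lockout, clock
        self.failures = {}      # account -> consecutive failure count
        self.locked_until = {}  # account -> time at which the lock expires

    def is_locked(self, account):
        return self.clock() < self.locked_until.get(account, 0.0)

    def record(self, account, success):
        """Record one login result; return True if the account is locked."""
        if self.is_locked(account):
            return True  # reject even a correct password while locked
        if success:
            self.failures.pop(account, None)
            return False
        self.failures[account] = self.failures.get(account, 0) + 1
        if self.failures[account] >= self.max_failures:
            self.locked_until[account] = self.clock() + self.lockout
            self.failures.pop(account, None)
            return True
        return False
```

Note that nothing in the check forces a change based on password age, in line with the rule to change passwords only on evidence of compromise.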
2. Have written company IT policies
IT policies can be constructed specifically for your business by your business. The link below provides an abundance of information and ideas to help you create the best IT policies for your team.
3. Always authorize 2-factor authentication
We get it, nobody likes dealing with 2-factor authentication. However, this is a major step you can take to protect your accounts, because it helps make sure you are the person logging in.
As a refresher, 2-factor authentication makes you provide an email or phone number connected to your account. After you enter your username and password, the company will send you an email, text message, or phone call (whichever method you choose) with a code for you to enter on the login page. It is important to authorize 2-factor authentication for all your accounts, both personal and professional.
4. Turn on automatic updates
Turning on automatic updates is another way to help protect your devices and keep them running optimally. Automatic updates make sure your device is running the newest version of your programs and that you are keeping up with the changes on your device.
5. Provide training for phishing emails/scams
Phishing emails and hacking tactics have become much more prominent and “normal” in our technological world today. Giving your employees information about phishing, along with examples, helps them identify the scams they might see and protects your business’s sensitive information.
6. Back up your data (ability to restore)
Backing up your data is very important so that you can protect and restore it in the case of a server crash or hack attempt. Most networks will be backed up to, and restored from, “the cloud”. However, if you choose to create hard copies of your data, make sure to secure them in a safe place.
7. Use a password manager
You can never be too safe when you are protecting your passwords. Along with the password guidelines stated above, it can be very useful for businesses to use a password manager application.
Applications (such as Keeper, LastPass, or Bitwarden) can be used to secure and save your passwords for many different accounts. This means you do not have to remember all your passwords, only the master password. A password manager also helps make sure that you do not have duplicate passwords.
Remember, passwords like “Password1234” can be cracked easily.
8. Monitor data on sites for leaks
Monitoring your company’s data around the internet is very important. As a general rule, if you can find sensitive company information on the internet, then hackers can too! The sites listed below are free options that can be used to monitor your company’s data.
- Have I Been Pwned: Check If Your Email Has Been Compromised
- Experian: Check Your Free Credit Report and FICO Score
9. Lock your computer whenever you leave your desk
Alright, before you ignore this tip and skip to #10, understand that this is one of the easiest cybersecurity tips to implement that can end up being very helpful. Locking your computer when you leave your desk ensures nobody is able to view your information or log into your accounts.
- Windows: press the Windows key (marked by the Windows icon) > L
- iOS: press Control > Command > Q
10. Keep personal information personal
This final tip seems somewhat self-explanatory and might give you a “Thanks, Captain Obvious” feeling. However, it is very important to keep your personal data and information to yourself whenever you can online. You should try to avoid logging into personal accounts and saving personal data on company devices.
We hope that these cybersecurity tips can help you update your policies and create a safer online experience for your business.
To get more expert advice on cybersecurity and how you can protect your business’s information, contact Colorado’s Top IT Company, TrinWare.