October Is Cybersecurity Awareness Month: Here Are Some Things To Remember
October is a Cybersecurity Awareness Month observed nationally. Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance (NCSA) are reminding users to continue being “Cyber Smart.” This is the month to run special campaigns to raise awareness of how your employees can detect and guard themselves against cybercrime.
With the COVID-19 triggered hybrid work and learning environments, cybercriminals have more opportunities to explore online, making many people more susceptible to identity theft and cyberattacks. It is important for your employees to know how to detect scam attempts, keep data and information safe, and react swiftly and efficiently when targeted.
Putting Cybersecurity First
Through the STOP.THINK.CONNECT.™ public awareness campaign, CISA shares Cybersecurity Awareness Month Resources to help minimize cybersecurity risks and protect users online. CISA reminds internet users that cybersecurity is their responsibility, and both individuals and companies should proactively implement solid security practices to remain safer and secure online.
Cyber Security Best Practices
One best practice to enhance cyber security is to treat your business information as personal information. Typically, business information includes a mix of personal and proprietary data. You should also keep your software updated to the most current version available.
As more people embrace social media, these platforms have also become part of the fraud toolset. Cybercriminals can scan your organization’s social media sites and gather information about your customers, vendors, partners, and even human resources and financial departments. Ensure that your employees don’t overshare company information on social media or execute official business on social media, such as exchanging payments or sharing PII.
Here are some other cyber security best practices to consider during the October cybersecurity awareness month:
1: Learn to Detect Phishing & Email Scams
A common email scam that many users come across is phishing. Scammers typically send emails aimed at tricking users into thinking they are legitimate. They may appear to be from a colleague, friend, or boss. Their goal is to lead you to open an attachment or tap on a link to a fake website and key in sensitive information such as your login and password. The best way to curb phishing scams is to avoid clicking links or downloading attachments unless you’re pretty sure of the source. Also, check email URLs before opening them since some URLs mimic real websites that you know are genuine.
2: Connect Only with People You Trust
When engaging on social media platforms, ensure you only connect with people you know and trust. While some social networks limit personal information shared through them, be sure to keep your connections secure by avoiding interactions with unknown people.
3: Create Strong Passwords
Use a long passphrase and don’t make passwords too easy to guess. Avoid using personal details in your passwords, such as your name, year of birth, or your pet’s name. Additionally, avoid using common words that hackers could easily guess. Substitute letters with numbers, symbols, or punctuation marks to make your password stronger. For example, you can replace the letter “A” with @ and the letter “I” with an exclamation mark (!), etc.
More importantly, keep your passwords to yourself and watch for attackers attempting to trick you into disclosing your passwords through phishing emails or calls. Also, be sure to create a unique password for every unique account. Having different passwords for different accounts helps prevent hackers from gaining access to sensitive accounts and protects you in case of a breach. You can also use a password manager to remember complex passwords easily.
4: Double Your Login Protection
In addition to passwords, enable multi-factor authentication (MFA) to make sure that you’re the only person who can access your account. Use it for email, social media, banking, and any other service or application that requires logging in. Typically, multi-factor authentication requires both a password and a text message, call, or email containing a one-time pin. By applying these stringent principles of user verification to your personal accounts, such as social media accounts, email, and other sensitive accounts, you can better protect your information and identity online!
5: Avoid Auto Connecting
Some devices are designed to automatically seek and connect to available Bluetooth devices or wireless networks. This automatic connection can open the door for bad actors to access your device and extract sensitive information remotely. Be sure to disable these features. Before connecting to any public wireless hotspot in a restaurant, coffee shop, or at a train station or airport, be sure to confirm the network’s name and exact login procedures with the staff to ensure the network is legitimate.
6: Limit Social Sharing
Limit the information you share on social media, such as personal addresses or where you often hang out. These seemingly random details can provide vital information that cybercriminals can exploit to target you. Additionally, guard your mobile gadgets to prevent theft, unauthorized access, and loss of sensitive information. Avoid leaving your devices unattended in public places and when traveling in taxis, trains, or airplanes.
7: Protect Your Digital Home
Today, many home devices such as coffee makers, thermostats, door locks, and smoke alarms are connected to the Internet. Typically, your home’s wireless router is the key entrance for cybercriminals to gain access to all your connected devices. Protect your Wi-Fi and digital appliances by changing default passwords and usernames.
8: Implement VPNs for Network Connections
Networks that are secured only with generic security measures are often more vulnerable to cyber-attack. Consider implementing virtual private network (VPN) connections between your office locations. If remote employees connect through unsecured public Wi-Fi networks, make VPN use easy and mandatory to enhance cyber security.
Do Your Part: Be Cyber Smart!
During this cybersecurity awareness month, take time to take stock of your security architecture and strengthen any weak links. At tech42, we provide a variety of executive-level IT services to organizations in the Eastern Pennsylvania area. As your “one-stop-shop” for technology, we provide premium services that deliver the most value for your time and dollar. Contact us today to learn more about effective ways to enhance cybersecurity in today’s sophisticated hybrid work environment!
Michael is the President and owner of tech42 LLC. He has more than 20 years of cross-discipline experience in the information technology industry, and has worked both as a network engineer and software developer. He is a passionate student of the interaction between technology and business and leveraging that knowledge to help tech42’s clients achieve both technology and business success.