1. Use strong, unique passwords.
Simply put, creating and updating passwords is annoying. But strong and unique passwords are one of the most significant ways to protect your business from a cyber-attack. Cybercriminals use a tactic known as brute force, where they can simply run a script that tries to guess the correct username/password combination. Nowadays, these bad actors can crack simple passwords in a matter of seconds. If you don’t want to contend with the growing complexity of passwords, try passphrases instead. Passphrases have proven more difficult to crack than a standard password!
Examples of passphrases include:
- Bull-alfalfa-gate2-tango!
- I l0ve ice-cream!
- 2 Be or Not to Be, That is The ?
2. Enable multi-factor authentication.
If a cybercriminal does nab your username and password, they have access to your account, unless you have multi-factor authentication (MFA). MFA requires an additional credential provided by something that is tied to you personally, such as a code generated by an app on your mobile device or email. This ensures that even if a cybercriminal has your login information, they’ll be unable to access your account.
3. Update your devices.
Keep your devices and their associated software up-to-date. Many updates include critical patches to fix vulnerabilities and upgrades which protect against the latest cyber-attacks. Correlated to this, if you aren’t using a program anymore, uninstall it! Software that goes unused is likely to fall behind on key updates. Without updates, cracks develop in the software’s defenses against cybercriminals, allowing them to squeeze through and commit all sorts of nefarious deeds.
4. Don't trust unexpected links or email attachments.
Be careful when it comes to suspicious or unexpected links or email attachments. Even the simple action of clicking a link or downloading an attachment is enough for cybercriminals to deploy malware. Verify the sender’s identity through different means of communication, by phone or in-person, before you click or open any links or attachments.
5. Familiarize yourself with phishing so you can spot an attempt
One particularly prevalent type of cyber-attack is phishing. This is when cybercriminals pretend to be someone you trust to extract something valuable from you, such as cash or personal information. Typically, cybercriminals will reach out under the guise of someone you’d be inclined to trust, examples include a family member, your boss, a bank account provider or even a well-known retailer. Be wary of any emails or calls that are unexpected or from sources you don’t recognize, especially if they’re encouraging you to act fast. When dealing with unexpected links or attachments, verify the sender’s identity separately before responding to these messages to confirm if they’re legitimate.
The best defense against a cyber-attack is you! Educate yourself and always be cautious. Protect your data, management programs, equipment software, employees and your herd from cyber criminals.