What should be on your Cyber Security Checklist?
We all know that the last two years have brought major challenges for everyone across the UK; businesses have faced many challenges from a digital perspective.
What are we all doing to prepare for the digital pandemic?
Hackers have stepped up their efforts and taken advantage of the gaps in the new remote work environments in the last two years. As we're all working from home more, we should also improve our security to combat the increased attacks. Governments, businesses, organizations and individuals all paid a heavy price for breaches and ransomware attacks. We all need to improve our cybersecurity preparedness.
So just, what should we prepare ourselves? What should employees, SMEs and businesses look to work on?
1. Revisit your old Passwords
Even those educated in cybersecurity still have old passwords and accounts that need updating. This means that we should all revisit our passwords and attempt to change the most at-risk ones.
These passwords are short, easily guessed or use a word or number unique to us. Such as; Date of Birth, Pet name, Maiden Name, Address etc.
Although this can be time-consuming and needs preparation, it will improve your peace of mind.
How do I find old passwords?
If you are using a password manager in your internet browser (Chrome, Safari, etc), then most of the work is done for you.
Go to your browser’s settings and review all of your passwords. Some browsers, such as Safari, review passwords for you and flag a warning next to a weak or repeated password. Make sure you review them all and change those at risk.
Safari > Preferences > Passwords
Chrome >Settings > Passwords
💡Top Tip - Make your life easier by using a password manager, this will help store all your account passwords. With a password manager, you can protect every single one of your online accounts with a strong password. Try out 1Password.
2. Setup Two-Factor Authentication
Two-factor authentication (often shortened to 2FA) provides a way of 'double-checking' that you are the person you claim to be when you're using online services, such as banking, email or social media. This could be a code that's sent to you by text message or that's created by an app.
Why should I use 2FA?
Cybercriminals can steal passwords, potentially giving them access to your online accounts. However, accounts that have been set up to use 2FA will require an extra check, so even if a criminal knows your password, they won't be able to access your accounts.
How do I set up 2FA?
Some online services will already have 2FA switched on. However, most don't, so you must switch it on yourself to give extra protection to your other online accounts, such as email, social media and cloud storage. If available, the option to switch on 2FA is usually found in your account's security settings (where it may also be called two-step verification).
3. Security Awareness Training
The most effective way to secure yourself in the digital world is to educate yourself and your staff through Security Awareness Training.
This doesn't have to be in-depth technical knowledge of cyber attacks. A simple overview of attack trends and general awareness will give you defensive measures - remember, lack of knowledge is the attacker’s advantage.
For example, if you learn how Phishing works and the objectives of a Phishing attack, you automatically have an extra defensive measure built-in within your organisation.
Our training is focused on those with little or no cybersecurity or technical knowledge and is delivered in small, succinct modules using real-world examples.
Awareness training is tailored to each company to provide the right level of skills and context for your business. The trainers are highly knowledgeable, personable and friendly and pride themselves on providing the right environment for your people to feel comfortable and to ask questions.
4. Review your Privacy Settings
This is crucial to avoid exposing unnecessary information about you or your company. Revisit your devices and social media account privacy settings and make sure these settings align with your company’s security & device policies.
Privacy settings for Devices:
If you've just bought a new device or haven't looked at your security settings for a while, you should take some time to ensure you're protected against the latest threats. Fortunately, most manufacturers provide easy-to-use guidance on how to secure your devices.
Privacy settings for Social Media:
Facebook: basic privacy settings and tools
YouTube: privacy and safety
LinkedIn: account and privacy settings overview
5. Stay secure when Working from Home
Working from home can be daunting for people who haven't done it before, especially if it's a sudden decision. There are also practical considerations; staff who are used to sharing an office space will now be remote. Think about whether you need new services or just to extend existing ones, so that teams can continue to collaborate.
For example, you may want to consider services that provide chat rooms, video teleconferencing (VTC) and document sharing.
This NCSC guidance has been created to help you ensure your organisation is prepared. We're all getting used to home working.
This NCSC guidance also helps you;
To spot the increased number of coronavirus (COVID-19) scam emails
Setting up new accounts
Preparing your staff for home working
Controlling access to corporate systems
Helping staff to look after devices
Using personal rather than work devices
💡Top Tip - Remember, under times of stress, we're not always in an ideal position to learn new technologies. Check how staff are coping; not just in terms of how to use new technologies, but also how they are adapting to having to work in new ways.
When you're heading back to the office, you can stay secure by taking advantage of our 'Back to the Office' guide.