October is Cybersecurity Awareness Month, a time to help provide information and resources to help educate the public about cybersecurity. In our increasingly digital world, cybersecurity is not something that we can ignore anymore. In the business sector, it is generally seen as the responsibility of the IT team/the CISO, but with increasing cyber threats it’s important that security protocols are now everyone’s business. Here are four security behaviors that will keep both you and your business safe online.
Enable Multi-Factor Authentication
Multi-factor Authentication (MFA) is an authentication method that requires a user to provide two or more verification factors to gain access to their online accounts. MFA is a crucial tool that goes a long way in helping make your accounts secure. However, nearly half of US/UK respondents to a National Cybersecurity Alliance survey say that they have “never heard of MFA.” On an enterprise level, DataProt also found that only 26% of companies use multi-factor authentication in the US. MFA is crucial for companies; especially as bad actors have been quick to target small and medium-sized businesses which are the lifeblood of our economy.
In contrast though, of those who knew about it, most had applied MFA to their online accounts (81%) and were still using it (90%). This proves that once MFA is enabled, users find a great deal of value in it and will continue to use the authentication method. There are some key benefits of using MFA, with the first being security. Two passwords mean double the work for the attacker, it’s as easy as that. Ease of access is also another reason to use MFA. Not having to remember dozens of passwords is a huge benefit for businesses. Some experts believe that it can even reduce operational costs and increase productivity. Another key benefit is compliance. If a company has a uniform login system, then it is less likely to have security blunders.
Use Strong Passwords and Password Manager
As our digital lives have become more expansive, we have gone from remembering just one password a day to upwards of 100. That’s 100 unique passwords if you’re using different strong passwords for each. The Ponemon Institute found that 53% of people rely on their memory to manage passwords, and that’s a whole lot of passwords to remember. It’s very tempting to use the same password for different accounts, but this can greatly diminish their security.
Ponemon’s research also found that 75% of people say that they don’t know how to create secure passwords in the first place. If you’re looking for a good resource to learn about creating good passwords, you can check out this advice from Google. Password managers are also a great tool to use and recommend safe passwords for you, taking away the headache. If you’re specifically looking for a password manager for your small business, here are a few reliable ones to consider.
Update Your Software
One of the simplest ways to keep your accounts secure is to update your software and apps. Nearly 31% of respondents to the National Cybersecurity Alliance survey also said that they “sometimes,” “rarely,” or “never” install software updates. Updates not only fix general problems with software but can provide a whole host of security benefits. Here are a few other reasons to consider software updates as soon as possible: They will patch security flaws, add new features, remove old ones that aren’t necessary anymore, protect your data, and improve performance. So, try to steer clear of the “remind me later” button and update your software as soon as possible.
If you’re a small to medium-sized business owner, you might be tempted to cut costs by using an outdated version of the software. However, running your operating system on old programs creates a big security risk for your business. Some other reasons to update your business software are that it enables better collaboration, saves time, offers greater security, and is meant to be mobile. By updating your software, your team can seamlessly work across all your devices to get work done.
Recognize and Report Phishing
Phishing attacks are when an attacker sends a fraudulent message designed to trick a person into giving sensitive information to the attacker or give them access to the victim’s software where they can then install ransomware. Phishing attacks in data breaches increased by 11% from 2019 to 2020. This has only been accelerated by the shift to digital during the COVID-19 pandemic.
It’s important that you think before opening an attachment or message on both your personal and work device. Phishing attacks are increasingly becoming common for businesses. In fact, nearly 30% of small businesses consider phishing attacks to be their top cybersecurity concern. Nearly 3 out of 4 companies experienced a phishing attack in 2020, according to Symantecs. So, make sure that your employees have the tools that they need to recognize phishing and report it to your organization.
Following these four key security practices will help both you and your business stay safe online. With cyber threats on the rise, it’s important to realize that cybersecurity is now everyone’s responsibility.
