Whether you have a dedicated team of cybersecurity professionals working for your company or not, your employees play a key role in keeping your data safe. Where they check their email, what passwords they use and which links they click can make or break your company’s security. It’s important, then, that employees are educated on basic cybersecurity practices. Here are five main things all employees should do to keep data safe:
- Always update software
When you get a notification that a software update is available, do it immediately. Developers create software updates to make programs stronger. Updates fix previously unseen vulnerabilities in programs, which prevents hackers from taking advantage of weak spots. (Related: Patch Management Helps Companies Avoid Cyber Attacks.) No matter how tempting it is to put off until later, it’s essential to keep software as up to date as possible in order to keep both personal and company data secure.
- Avoid unsecured WiFi
Anytime you connect to public WiFi, you’re putting your passwords, emails, messages and more at risk, as NBC news reported. Avoid using unsecured WiFi, such as that offered at airports and cafés, as much as possible. If you must connect, use a VPN, which allows you to connect to a secure, encrypted “tunnel” between your device and a remote server.
- Be smart with passwords
In addition to the obvious rules of not giving your passwords to others and not using personal information, such as your name or social security number, as part of a password, there are three main password practices that will help ensure strong cybersecurity:
- Don’t reuse passwords. Tempting as it might be to use the same password for every website and application, it puts you at significant risk. Invest in a password notebook or app that helps you keep track of your passwords for each website. This will make it easier to vary login information for every new application without fear of forgetting it.
- Never auto-save passwords. Don’t allow your computer to save passwords or keep you logged into applications. Saving passwords may be easier, but it sets you up for cyber attack later. Try using applications such as LastPass, which safely stores and auto-fills your passwords, giving you the same level of convenience without the risk of hacking.
- Make passwords more complex. The harder a password is for you to remember, the better. Use different methods of coming up with passwords, such as using the first letter of every word in a phrase and a combination of numbers. For example, if your phase is “I love keeping my company’s data secure,” your password might be “ILKMCPS179.” You can also try random password generators, or you can develop your own algorithm. As long as you keep a detailed password log, remembering this login information later shouldn’t be a problem.
- Use multi-factor authentication
For all of your devices, set up multi-factor authentication. This requires you to use multiple methods to confirm you’re really you. For example, if multi-factor authentication is enabled for your email, someone trying to access your email on a different computer will be required to enter a one-time code sent to your cell phone. As long as your cell phone is in your possession and secured, your email will be safe. (Learn more about the benefits of multi-factor authentication from TechBeacon.)
- Know how to spot phishing
Phishing emails are commonly used to hack into personal and company devices. Clicking on a fake link can give hackers open access to your device and its data. Always exercise caution when opening emails, particularly when you don’t know the sender. Don’t open attachments or click links until you’ve verified that they are legitimate. Stay alert, and remember that extreme safety is better than a cyber attack. (Related: Identify Phishing Emails With These Tips.)
Learn how MDL can boost your company’s cybersecurity efforts on our website.