You need to keep your information secure and we’ve got you covered. Here are some recommendations offered up by our Information Security Team to help you build and reinforce a security fortress.
1. Multi-Factor Authentication
Multi-Factor Authentication (MFA) requires additional information outside of passwords to complete the login process. The extra step verifies that the person attempting to gain access is who they should be.
2. Strong Passwords
Strong passwords are lengthy (12-16 characters), complex (using alpha and numeric characters and symbols), and not easy to guess. Avoid short, obvious phrases or common words.
3. Security Awareness Training
Train your people to keep them on the lookout and cautious during these events:
- Phishing is a social engineering attack in which the attacker sets up a spoof website, link or email that looks real to trick a person into giving up important information.
- There’s also Vishing (voice or VoIP phishing), SMiShing (SMS phishing), and lots of others like this.
- Before a Spear Phishing attack, the attacker gathers information about the target. For example, if an attacker finds out a person is a fan of a certain sports team. They might send an email saying, “You’ve won free tickets to the next game of (insert favorite team here)! Download your tickets by clicking this link.”
- Whaling is phishing that targets specific individuals—leaders, executives, and upper management—asking for things like money transfers through their organizations. Think of the “Friend Stranded Abroad” hoax, but from your CEO.
- And don’t forget about Ransomware. “Ransomware is a type of malicious software, or malware, designed to deny access to a computer system or data until a ransom is paid,” explains the Cybersecurity and Infrastructure Security Agency (CISA).
How should you respond to a ransomware attack? Get this information and more examples, statistics, and tips for avoiding using email and social media, browsing the internet, and securing your phone.
