Cybersecurity Awareness Month: Tips to follow year-round
While Cybersecurity Awareness Month serves as a reminder for everyone to follow cybersecurity best practices, strong awareness should continue year-round. This month, the Cybersecurity and Infrastructure Security Alliance released their “Secure Our World” awareness campaign that aims to broadly promote cybersecurity tips and best practices. Not only can MSPs and their customers use this campaign now, but they should utilize it for the remainder of 2023 and beyond.
The CISA campaign is made up of four important actions that all individuals should take:
1. Create strong passwords and use a password manager
Taking proactive measures, such as creating unique passwords, will ultimately help safeguard your accounts. Did you know, only 33 percent of individuals create unique passwords for all accounts (NCA)? In Devin Partida’s latest piece on SmarterMSP.com, she discusses the importance of MSPs setting high standards for passwords. As an MSP, you could set up password requirements for your employees to follow. Set expectations that passwords should include lowercase and uppercase letters, numbers, and symbols. By doing this, hackers will have a harder time compromising accounts.
CISA recommends using at least 16 characters for all of your passwords. Along with this, use unique passwords for each individual account and use something that would be hard to guess. While creating strong passwords is the first step, it’s highly recommended to use a strong password manager as well. Keeping them all in one place allows you to stay organized and on track. Most platforms will provide suggested strong passwords to use, too.
2. Turn on multi-factor authentication
Multi-factor authentication (MFA) ensures your accounts are safe by providing a secondary method of confirming your identity. This might involve a code being sent to your personal device or email to make sure it’s you. Even if your password has been compromised, this stops the unauthorized user from gaining access to your account.
Of those who have heard of MFA, 79 percent had applied it to their online accounts (NCA). It’s promising to see that many individuals and organizations realize the importance of implementing added layers of security to accounts such as MFA.
3. Recognize and report phishing
The third recommendation included in CISA’s Secure Our World campaign is to recognize and report phishing. As an MSP, you know better than most that the cyberthreat landscape is constantly changing. One of the evolving tactics performed by cyber criminals is phishing, which involves criminals trying to trick you to open harmful links or attachments that could steal personal information or infect devices.
The first part of this recommendation is to increase awareness and look for the signs. Misspellings, urgent requests, alarming language, etc. Are just a few things to look for. If you think you received a phishing email or message, make sure to report it. Ultimately this will protect you as well as your peers from future phishing attempts. Lastly, familiarize yourself with your organization’s protocol to submit a report. Once reported, you should delete the message to avoid accidental clicks or replies.
4. Update your software
When thinking of simple ways to secure accounts, updating the software should come to mind. This is one of the easiest ways to keep information protected. When you receive your next message to update your software, don’t click the “remind me later” button! These provide security patches and necessary updates to help you stay ahead of cybercriminals. Only 36% of survey participants reported installing the latest updates and software as soon as they became available (NCA).
Make these recommendations a priority in your everyday life. Whether you’re at home, or in the office, these steps are important to keep your environment secure and stay one step ahead of the evolving threats that could impact us all.
Photo: MT-R / Shutterstock