As National Cybersecurity Awareness Month comes to a close, we’d like to recap the seven tips offered to help you stay safe online.   We hope you read and will utilize these strategies everyday, to help you protect your online personal and professional assets. In case you missed some, here is an overview of the BMT Cyber 7.

  1. Protect Yourself With a Password Manager
    Password rules can be inconvenient, but they’re important if you want to keep information safe. A Password Manager such as lastpass.com will easily create, safely store, and help you use unique & complicated passwords for all your accounts.  They can also help protect you against phishing attacks!
  2. Enable 2FA for Everything
    Two-factor authentication (2FA) links access to your account via an app on your cell phone. This allows you to approve or deny each login. Even if hackers happen to steal your username/password, they can’t access your accounts without your phone.  Simple!
  3. Implement a Cybersecurity Awareness and Training Program
    A good Cybersecurity Awareness and Training program should happen early and often. Providing a single training session and handouts will work for a month, maybe more, but an ongoing program will create a culture of security in the workplace.
    We recommend and use KnowBe4 training. It’s an easy, fun and affordable way to continually educate staff. Interested in trying the program to see how it can work for you? Take advantage of our one-month complimentary trial that will confirm just how aware your staff is!
  4. New Device Awareness
    You can’t defend against an attacker if you don’t know they are there! Make sure your IT team is getting alerts when new devices present themselves on your network. Smaller organizations can utilize Fingbox, an inexpensive tool that can automatically block unknown devices before they join your network.  It’s aimed at the home market, but works well on simple networks found in many SMBs. More complex networks should have network management tools that include this feature.
  5. Weapons-Grade Backup
    WannaCry, NonPetya, BadRabbit. The threat is real – ransomware attacks have been on the rise in recent years because of how profitable they can be for attackers. To further their gain, criminals have programmed ransomware to search for and encrypt backups. Without backups to restore from, organizations have no choice but to pay the ransom!
    A properly designed backup hides and protects backup data from threats. We recommend organizations take steps to isolate their on-site backup data from their production network. Put the backup device on a different subnet, employ unique and strong credentials to access the device and make sure it is regularly patched. Routine offsite backup is also a must.
  6. Regularly Update and Patch ALL Systems
    Patches are software updates designed to fix known vulnerabilities or security weaknesses in applications and operating systems. By applying security patches regularly, you close known vulnerabilities which are easily exploited by hackers to gain access to machines and systems for multiple malicious purposes.
    To keep devices protected, keep your antivirus software updated and download recommended Operating System updates as soon as you are alerted. This applies to all devices on your network: printers, cameras, VOIP phones, etc. While many of these updates may be a manual process at first (i.e. visit the website, look up device, download update), the next update you apply should turn on the ability to update straight from the device or allow for future automatic updates. There is no excuse to not patch them all!
  7. Secure File Sharing
    File sharing has grown in popularity and frequency as people work remotely and enterprises move to the cloud. However, any time employees use technology (email, Dropbox, FTP, etc.) to share sensitive information with those outside the organization, there are security risks involved. Without proper security measures in place, the benefits of file sharing can be significantly outweighed by the potential for exposing your company’s sensitive data to new security threats.
    The best way to protect your organization is to invest in a file sharing platform. There are many options that are budget-friendly and will work comfortably with your organization. We recommend Sharefile for features, price, security, support and other essential factors.