Actually, great online security measures are perennial and bear constant reinforcement, but data shows that few actually practice all of them!
With the pandemic driving malice and greed to unprecedented levels of cybersecurity threats, the experts at Check Point Software have in the last 12 months seen the highest level of cyber incidents ever recorded by the firm.
New and more sophisticated threats, more devices, more computing power and professional criminal gangs mean that anyone with a computer, smartphone or IoT device must now regularly think about cybersecurity: but still, many do not.
They have contributed the following tips to provide guidance and assistance at this year-end season, but the safety measures are perennial:
- Password hygiene is critical: Passwords should be checked and strengthened regularly. However, experts argue about the length and composition as well as the frequency of renewal. It is important for users to handle their passwords carefully, not to store them unsecured in Excel spreadsheets or leave them written down for anyone to see or stick them on the back of the keyboard.
- Be phishing-proof: Users should be careful before clicking on links that look suspicious in any way, often associated with the sender. They should also only download content from reliable sources, as phishing, a popular form of social engineering, has become the main avenue of attack. Therefore, if users receive an email with an unusual request or a strange sender or subject, they should immediately start doubting. To be doubly safe: even the most routine-looking email requests for information should be treated with suspicious: physically contact the sender if the information/action requested is sensitive or if any clickable links are present.
- Choose IT devices carefully: In connection with remote-working, this point has become extremely important. The risk of a large-scale attack increases when employees use their personal devices, such as computers or cell phones, for work-related purposes, or vice versa. Security software should be installed on all devices and the connection to the company network should be protected.
- Keep software fresh: Hackers often find entry points in applications, operating systems and security solutions, as they generally monitor and exploit the appearance of vulnerabilities. One of the best protective measures is to always use the latest version of any software: a simple, basic but effective habit to practice.
- Use multi-factor authentication: Multi factor authentication is something many users are already familiar with from their online banking accounts, for example, when a single-use passcode (one that also expires within minutes to not allow fraudsters more time to get the code) is requested via mobile devices. In many cases, this log-in method is now being introduced for applications and accounts at online retailers to increase IT security. In this way, they have made it almost impossible for cybercriminals to gain access to the account despite knowing the password… at least for now.
These tips already go a long way toward protecting your own devices and your employer’s network against cyberattacks and malware. However, at the corporate level, they should also be supplemented by a comprehensive IT security architecture that consolidates and centrally controls various security solutions against different types of attack. This covers all areas of IT security and must be capable of thwarting even the dreaded zero-day attacks.
Finally, organizations must round off the strategy by training all employees up to management level, including the training of departmental/section representatives via special training programs and learning platforms.