Cyber Security Dos and Don’ts
There are many things to consider to keep your information and devices secure. This guide gives you a few small steps you can take to improve your security, including cleaning up your password and account management (and checking for previous breaches of your accounts), continuous cyber security learning, and keeping your software up to date. These are only a few of our tips to help you with your cyber security – for more in-depth articles and resources, see https://www.getcybersafe.gc.ca/en.
Cleaning up Password and Account Management
- Use Multi-Factor Authentication (MFA) or Two-Factor Authentication (2FA) – especially for accounts that contain sensitive information about you, your company, and/or your clients. While it can be inconvenient to have to verify with more than just your password for an account, MFA/2FA is like adding a deadbolt to a door with only a slide lock.
- Deactivate accounts you no longer use/need. The more accounts you have open, the more doors you’re providing for malicious attacks.
- Don’t store passwords in insecure places such as documents on your computer, written/printed sheets in your desk, or your e-mail. Using a password management tool is best practice for keeping your passwords safe. Never share passwords in chat programs or over e-mail.
- Don’t use the same password for multiple accounts and ensure your passwords are secure. Understandably, it’s so hard to keep track of all your passwords between work, home, school, etc. – this is where a password management tool comes in really handy.
- Check for previous account breaches that have been found on the dark web. A great tool to check this is haveibeenpwned.com, a site developed by cyber security experts that scrapes the dark/deep web for instances of your email within the leaked data files. The site will tell you the date of the breach and which app(s) and site(s) containing your information were affected.
Continuous Cyber Security Learning
One of the biggest security holes in your organization is human error. It’s important to continuously train and educate yourself and your staff to be cyber safe.
- Implement a security awareness program – these programs range from short educational videos to fake phishing e-mail campaigns that can help educate your team and keep cyber security top of mind. See more info here.
- Be sure you have buy-in from all levels of your organization, from interns to C-level – cyber security is everyone’s responsibility.
- Have a way to track individuals’ participation in cyber security training and ensure all users are completing their training.
- Training should be done at regular intervals to keep information fresh and relevant.
Keeping Software up to Date
New cyber threats emerge continuously, so software developers must constantly identify security holes (vulnerabilities) in their software and release patches and updates to mitigate them. It is crucial to keep your device operating systems and all their software up to date, which includes, but is not limited to:
- Microsoft and Apple OS (operating system) updates
- Mobile phone and tablet updates
- Anti-virus definition updates
- Web browser updates (Google Chrome, Safari, Edge, Firefox, Opera, etc.)
- Updates for all other apps and services