It
could be stolen customer data, phishing, or ransomware attacks, successful
cyberattacks will affect businesses of any size and in any industry. A study
last year by Juniper Research exposed that breaches in cybersecurity are
likely to result in the theft of over 146 billion records by the year 2023,
while identity theft has already affected over 60 million Americans.
It
won’t matter if you are offering professional services (Doctor, Lawyer, Accountant),
running a local or global business operation, establishing an online presence has
now become necessary for recognition and, ultimately, business success. A
security breach can destroy a business in a number of ways, including loss of business
revenue, client trust, loss of data, fines, penalties, as well as lost income
while the breach is secured.
The
continually expanding awareness by word of mouth, media advertisements, social
media and direct conversations with security experts about cyber attacks and
online threats, business enterprises are investing effort and money into
improving their cybersecurity through better tech, training and tools. Still,
an analysis of even the most sophisticated online attacks reveals that security
is often imperiled by the most elementary mistakes that can be easily fixed by any
business, organization or at home.
Poor Password Management
Weak or duplicate passwords are among the first
reasons leading to cybercrimes including brute force attacks. A brute force
attack opened over 1,000 user accounts due to weak passwords. The bad guys used
the company email directory to compromise accounts that had weak passwords. Examples
of weak passwords that are still used include “123456,” “password,” and
“qwerty.”
What
are the best practices in password management that can improve cybersecurity?:
- Use of complex passwords that incorporates alphanumeric and special characters.
- I had LastPass generate the following: 7MG87@o2^VzILBwe I won’t have to remember it as long as I remember a single Master Password for LastPass.
- Enable 2-Factor Authentication (or 2FA) that can be used with strong passwords to safeguard user access.
- We all have smartphones today, setting up 2FA is quick and easy. Search for the Google Authenticator in the app store and you are almost done
- Avoid the use of the same passwords in multiple business accounts.
- Once bad guys figure out you have used the same PW in 2 accounts they will try them all using your email address or known user name.
- Use of desktop or smartphone apps that can securely store (or even regenerate) passwords instead of writing them down on a post-it or note pad.
- LastPass is what we use, but there are others: www.lastpass.com
- Maintain the habit of periodically changing passwords for all your accounts.
- The password manager, LastPass, can be used to change many of your passwords with a single click. You won’t need to know what the PW was changed to …. Provided you remember your Master Password to access LastPass.
The next post in our preparation for 2020 Cyber Security Awareness
is:
"Your business is NOT too small to
be a target."
No comments:
Post a Comment