You know that icky feeling you get when you should do something but it’s too difficult / too scary / boring / there’s not enough time / etc? When it comes to cybersecurity this is a common feeling. But rather than sitting around worrying about (or putting to the back of your mind) something that you know you need to do… ask yourself, “What would Net Primates do now?”
Don’t let those thoughts turn into cybersecurity nightmares; put yourself in the shoes of Net Primates and take action!
Cyberattacks are here to stay – they are not going away even if we tuck thoughts of them to the back of our minds. At Net Primates we decided several years ago that cybersecurity needed to be at the core of our IT Support provision. Yes, we’d rather be setting up your shiny new IT kit and taking you through the latest software, but we know that strong cybersecurity must be in place before we get to the exciting stuff.
In this article we put the emphasis on passwords, but we’re also highlighting some other areas that you simply can’t ignore (and all are areas that we can help you with).
So, have you still got that same password set from when you originally created an email account? And have you used it in several places? You may be ‘on it’ with passwords, but it may still be a while since you thought about them.
So, what would Net Primates do now?
Firstly, we would change the password in question! But there are other actions to make your passwords even more secure and we can help you with these.
We recommend employing several security measures to protect your passwords:
- Encryption: passwords should be stored in encrypted form, using strong encryption algorithms, so that even if the data is compromised, it remains unreadable without the encryption keys.
- Secure storage: passwords should be stored in secure databases or password management systems, with restricted access to authorised personnel only. This prevents unauthorised individuals from directly accessing password information.
- Access controls: implement strict access controls and authentication mechanisms to ensure that only authorised personnel can access and manage password data. Multi-Factor Authentication is often used to add an extra layer of security.
- Regular auditing: periodic audits and monitoring of password systems help detect and respond to any suspicious or unauthorised access attempts.
- Password policies: enforce strong password policies, including regular password changes, complexity requirements, and avoiding common passwords.
- Secure communication: ensure that password-related data transmission is encrypted to prevent eavesdropping during communication.
- Employee training: educate employees about the importance of password security and best practices, including not sharing passwords and using unique passwords for different accounts.
- Backup and recovery: implement secure backup and recovery procedures to ensure password data can be restored in case of data loss or system failure.
- Third-party security: assess and secure third-party tools or services that may have access to your passwords, such as password management software or cloud services.
- Incident response: have a well-defined incident response plan in place to quickly address and mitigate any potential breaches or security incidents related to passwords.
Implementing these measures helps ensure the confidentiality and integrity of your passwords, reducing the risk of unauthorised access and data breaches.
Don’t ignore it – embrace it! Yes, not the most exciting thing in the world, but taking the time to add some additional information helps to secure your data.
So, the next time you’re asked if you want to set it up – do it!
There are other areas of your business where you won’t be asked to use MFA… these are areas where you need to be proactive. So, if you’re feeling a little icky about your data security and that of your suppliers and customers, ask us for help. A stitch in time saves nine…
Know that your staff need to be better trained in cybersecurity? Don’t put it off – get that training plan in place. Human error is a major factor in cybersecurity breaches, so look after your humans.
Not sure how to train them – we can help put your training plans together and deliver to your teams.
We’re sure you all have your backups in place… but if not please do get them sorted now. Without adequate backups you really are leaving your business exposed – imagine the damage a hacker could do if they held all of your data for ransom and you didn’t have copies.
No one wants a cyberattack, but regrettably they are happening all the time, even to businesses that are well covered with cybersecurity. So, you need your plan in place should you become a victim. Think of it like a fire drill – you operate in a safe building, but you still need to plan for a fire.
What will you do now?
Now that you have a clearer idea of what you need to do, what’s your plan? Don’t worry about cybersecurity – but please do take action so that you can sleep soundly. And if you’re unclear about what needs to be done, get in touch!