October is National Cybersecurity Awareness Month, which is recognized each year to raise awareness about the importance of cybersecurity across our nation, ensuring that all Americans have the resources they need to be safer and more secure online.
“Each of us plays a vital role in ensuring that we are proactively identifying and mitigating possible cyber threats while at work and home,” said Darren Death, ASRC Federal Chief Information Security Officer.
Below are tips for good cyber hygiene — actions you can take to keep your company, customers and your personal information safe and secure. For more tips and information on how to “See Yourself in Cyber”, visit the Cybersecurity & Infrastructure Security Agency website.
Phishing and Similar Attacks: Always remain vigilant and skeptical when receiving messages, as an attacker can easily impersonate trusted sources like employers, business partners, and businesses like banks and stores. A message may seem legitimate but may be created by an attacker to gather sensitive data and personal information.
Carefully review any external emails and look for phishing attempts. It only takes one email to expose us to a security vulnerability. Be aware of unknown sources, and do not click on unrecognizable links.
Update Your Software at Work and Home: An attacker will gain access to your data by exploiting flaws in your computer. These flaws are discovered continuously and fixed through software and operating system patching. Update the application software and operating system on your computers, laptops, tablets, and phones. Also, update the applications residing on any of these devices, paying close attention to apps you use to communicate and interact with the internet, like your web browser and email software. The best way to take care of software updates at home is to turn on automatic updates for all operating systems, applications, and devices.
Use Strong Passwords and Multi-Factor Authentication: Strong passwords are an easy way to improve your professional and personal cybersecurity. Strong passwords include at least one number, one lowercase letter, one uppercase letter, one special character, and 14 or more characters.
- It is important to use different passwords for different accounts. As an example, if your favorite ride-sharing app is hacked. An attacker will use the username and passwords harvested from that app against other systems. If another app is attacked and you are using the same username and password, sensitive data may be exposed.
- Enable multi-factor authentication on all your sensitive accounts. Multi-factor can go by various names, such as two-factor authentication, MFA, or 2FA. Multi-factor authentication adds a second step into the authentication process for an application which serves to help identify that it is really you accessing the application.
Protect Proprietary and Personal Information: Protect your company, customer, and your personal information. Do not share company proprietary and personally identifiable information (PII) with unknown entities or over unsecured networks.
- Ensure that you securely manage devices and computers to protect company and personal information.
- Take steps to configure your personal computers and devices at home to use their built-in encryption capabilities.
- Be careful when using social media and accessing the internet. Cybercriminals may use social media and your internet searches to gather information about your company, vendors, and yourself. Be extra vigilant and do not share company proprietary and PII information on social media and when performing an internet search.
Taking the time to practice good cyber hygiene habits could spare you and your business or employer from a much more cumbersome problem down the road.