Cyber security basics password management

Cyber Security Best Practices

In today’s technological environment, the internet is filled with trojans, viruses, and malicious links and activities that have had a significant economic impact on small and medium-sized enterprises globally.

According to the IBM Security Report 2021, the average cost of a data breach in Canada was $6.75 million per incident in the 2021 survey year. That is up from $6.35 million the year before and the highest since IBM first included Canada in its survey seven years ago. It is also higher than the 2021 global average of US$4.24 million ($5.34 million), which in itself is a 10 per cent increase from the prior year and the highest global average in the survey's 17-year history.

The global average cost of cybercrime is expected to peak at US $6 trillion annually by the end of 2021, driven by the proliferation of ransomware attacks.

The IBM Security Report takes into account cost factors from legal, regulatory, and technical activities, loss of brand equity, customer turnover, and drain on employee productivity.

Their findings are based on breaches across 17 countries and 17 industries with data gathered from over 3,000 interviews.

The study also suggests cybersecurity efforts may have lagged behind as companies were forced to rapidly adapt to remote work during the pandemic.

Data breaches have become more common and frequent than ever before, leaving unsuspecting users more vulnerable and impacting them in the worst possible way. A single click can create havoc in your organization or in a person’s life. It can lead to large financial losses and data theft, so it is essential for all users to stay safe and aware online and to secure their data.

Here are some best practices to be aware of to mitigate the risk and assist you in securing your data from unauthorized access and cyber-attacks.

1. Evaluate Before You Click

This is one of the key cyber security email tips you can use to keep your data safe. Be careful with unknown links you receive through emails or messages, or come across on web pages that may not be secure. Clickjacking is one of the methods used by hackers to gain access to your personal data. Links in emails that pose as password recovery emails, bank statements, etc. are popular methods used by hackers to trick you and obtain your personal information. The fake sites behind these links look very similar to the real ones, and the hackers use them to get you to provide your personal details so they can access your accounts.

2. Use Strong and Diversified Passwords

To make your passwords strong and secure, you can refer to the password guidelines of the National Institute of Standards and Technology (NIST) and consider the following:

-Use passwords with more than 8 characters and a maximum of 64 characters

-Never make use of the same password twice

-Use at least one uppercase letter, one lowercase letter, one number, and a few symbols other than &, #, _, @, etc.

-Use passwords that are easy to remember, and do not leave clues in the open or make them available to the public

-Change your password often and reset it.
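The checklist above can be enforced at the point where a password is set. The following is an added example, not code from this article or from NIST: the function names are hypothetical, the symbol rule is read as "at least one punctuation character", and the reuse check assumes you keep a salted PBKDF2 record of earlier passwords instead of the passwords themselves.

```python
import hashlib
import hmac
import os
import string

MIN_LEN, MAX_LEN = 9, 64  # "more than 8 characters and a maximum of 64"


def _digest(password, salt):
    # PBKDF2-HMAC-SHA256 from the standard library; iteration count is an assumption.
    return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 200_000)


def remember(password):
    """Return a (salt, digest) record to keep in the reuse history."""
    salt = os.urandom(16)
    return salt, _digest(password, salt)


def check_password(password, history):
    """Return the names of the rules the candidate breaks (empty list = accepted)."""
    problems = []
    if not MIN_LEN <= len(password) <= MAX_LEN:
        problems.append("length")
    if not any(c.isupper() for c in password):
        problems.append("uppercase")
    if not any(c.islower() for c in password):
        problems.append("lowercase")
    if not any(c.isdigit() for c in password):
        problems.append("digit")
    if not any(c in string.punctuation for c in password):
        problems.append("symbol")
    # Reuse check: re-derive with each stored salt and compare in constant time.
    for salt, digest in history:
        if hmac.compare_digest(_digest(password, salt), digest):
            problems.append("reused")
            break
    return problems


if __name__ == "__main__":
    # Constructed sample values, for illustration only.
    history = [remember("Winter-Coat-2021!")]
    for candidate in ("short1!", "Winter-Coat-2021!", "Maple$Canoe7Ridge"):
        print(candidate, "->", check_password(candidate, history) or "accepted")
```
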

3. Use a Password Management Tool

It can be challenging to remember your passwords for various accounts. This can be simplified using a password management tool. A password manager is a program that stores and manages your passwords. You unlock access to all of them with a single ‘master key’ password, which helps keep your credentials secure. The most commonly used password managers include KeePass, LastPass, 1Password, Dashlane, and Roboform.

4. Establish Multi-Factor Authentication

Multi-factor authentication (MFA) provides a method to verify a user's identity by requiring them to provide more than one piece of identifying information. You have most likely encountered multi-factor authentication on some of your favorite websites already. For example, when you sign into your banking account, you may get a screen requesting that you enter the code that was emailed to you. Once you enter this code, you're then able to access your bank account. This is an example of MFA in action! Providing a username and password coupled with a code sent to your email is one form of MFA, but there are several other options you have for implementing MFA that you can research and determine the best fit for your organization.

5. Use Firewalls and Anti-Viruses

Your systems and networks can be attacked through various methods, such as malware, viruses, phishing attacks, trojans, spyware, etc., to gain access to your data. Anti-virus software and firewalls can defend your systems against these attacks. Ensure your firewall and any security software you are using are updated regularly.

6. Understand Phishing Attacks

In phishing attacks, the hackers assume a different identity in order to manipulate you into providing your credentials, clicking on a malicious link, or opening files or attachments that can infect the system with viruses or other malware. This can lead to a ransomware attack. Here are some tips you can use to mitigate this risk:

-Avoid opening emails from unknown people or sources

-Hover over links before clicking to see where they lead, and if a link seems unsafe, do not click it

-Check for grammatical errors of any kind and check the ID of the sender

7. Avoid Unfamiliar Websites

Be cautious of new sites shared with you, as they may contain download attacks that can compromise your system data. This type of attack does not require you to click on anything on the page in order to infect your computer. It attacks your system through malicious code as soon as you follow the link to the website.

These are some best practices that may assist in keeping your private information and programs protected. Take the time to research these practices in detail to ensure you can implement them within your organization.