Last quarter, we focused on risk. We focused on what it is, as well as what can increase it and how it can affect your business. Also, last month was Cyber Security Month, which always leads us into our 4th quarter topic of Cyber Security. I can hear the cheering….
We typically focus the whole quarter on security, but this year, I promise to let you out of class early, lol! I will focus on it for this month, and this month only. Why shorten this discussion? To be honest, 2020. Many of us are very much in the middle of just trying to survive this trying time. However, good Cyber Security practices are still important enough to make sure we mention them. I’m also not going to preach about all the things you should be afraid of out there in the scary old internet, or why you should be doing them. It’s because, you already know! For most of you, this is just a reminder of what you already know you should be doing. I’m just going to give a list of best practices. These are things that, EVERY BUSINESS should have their users doing. So let’s get on with it, shall we?
For god sakes, get one. It’ll make your life easier, I swears it!
Use it. This will not make your life easier, but it is probably the most important thing you can do to protect your accounts. Also, with the right password manager, you can make this a simple process as well.
Limit Administrator Account Use
The account you log into for day to day work, should not be an administrative account. This goes for work computers, but also your personal computers at home. Only use admin accounts when you need to install or uninstall software or make system changes. That way, if your account does get hacked, the hackers won’t get administrative access.
Password Best Practices
I promise to be calm on this one. **Deep Breath. Exhale** It is not recommended to use words within your password that are at all related to any common information related to you or your business. Don’t use, ahem:
- Your birthday
- Your kids birthday
- Your street
- The city you live in
- They city you used to live in
- 123 (in fact, don’t use any sequence of numbers!)
- The word “Password”
- Your nickname
- Your wife’s name
I’m getting a little worked up, so I’ll stop there. The best practice is to use long passwords. Phrases work well as things that are easy to remember. Don’t. Write. It. Down. The best is to use a password manager.
Ignore Strange Messages
Like I said in the beginning; this info is not really anything new. So, trust your judgement. If it doesn’t seem right, it probably isn’t. If you don’t know the sender of a message, ignore it. If it’s important, it will be sent again. And, even if you know the sender, if it seems suspicious, reach to the sender by phone and see did they mean to send it. Also, for anyone who may not know this…Microsoft is not calling you. Trust me, I’ve been doing IT for over 20 years, and unless I have called them, Microsoft has never called me.
Get Proper Training
Cyber Security attacks are getting complex. They are also coming from every direction these days, from phone calls to emails, and snail mail to text messages. Without the proper training, you are relying on your users know how to identify these threats and properly avoid them. Cyber Security training should be part of your staff’s regular training.
Get Cyber Security Insurance
This has a lot to do with risk, and depending on what type of risk you have, you may need to look at getting Cyber Security Insurance. It’s best to speak with an IT professional to assess that risk for you, but our most general rule of thumb is whether you have your client’s data stored within your systems. If you do, you probably should have Cyber Security Insurance.
And that’s all I’m going to say about security. Make a plan to get those things covered before the end of the year. If you need help with these things, let us know. We can help you plan for a secure 2021!