Think back to some of the New Year’s resolutions you’ve made in the past. Maybe you resolved to lose weight. Maybe you resolved to quit smoking. How did those resolutions work out for you?
The most common stereotype with New Year’s resolutions is that they’re often forgotten or broken before January is even halfway through. Making commitments to improve one’s health is important; it’s more important to follow through on those commitments. Remember, nothing worth having comes without hard work.
The same goes for your information security. If you recognized some mistakes your company made in 2018, or you’re worried about becoming the next victim of a cyberattack, we’ve got some resolutions for you to stick to as you ring in 2019. But keep this in mind: Forgetting these resolutions could end up costing a fortune.
1. Create a culture of good cybersecurity practices.
A good cybersecurity plan starts with your employees. Start creating a solid cybersecurity strategy by first getting your workers to buy into your plans. Start by instituting a clear desk policy, prohibits employees from leaving sensitive customer information out in the open. You should also institute a computer lockdown policy, which requires employees to lock their computers or put them in sleep mode when they step away from their desks.
You should also ensure that best cybersecurity practices are fresh in everyone’s minds. Ensure this by regularly enrolling your staff in cybersecurity training courses.
2. Keep software up-to-date.
One of the worst habits for users to fall into is to continually put off any and all updates. When users do this, they’re actively deciding not to install the most recent security patches and features. As we’ve said before, updating your system and applications is one of the most effective ways to prevent a cyberattack, and it’s one of the easiest vulnerabilities to fix.
Internet browsers are especially common exploits for cybercriminals. Whether you’re using Chrome, Firefox, or Safari, check to make sure you’re using the most up-to-date version of that browser. If you really want to take the guesswork out of it, most browsers come with an automatic update feature that will upgrade as soon as a new version is available.
The same should be said for your antivirus and anti-malware programs. Though these are extremely valuable tools to have at your disposal, it’s common for them to become obsolete as new viruses and malware rise to prominence. Be sure to keep these programs up-to-date and make sure you’re protected against the latest threats.
3. Make access more difficult.
We’ve talked about the importance of a good password many, many, many times before, and why not? A good password is your first line of defense against cyberattacks, so its importance bears repeating. Unfortunately, not all businesses have gotten the memo. A New Year means a new you, and a new password. Resolve to create fresh, original passwords that meet the following criteria:
- The longer a password is, the more secure it is.
- Add some uppercase letters, a number, and a symbol.
- Make all your passwords unique.
- Don’t reuse old passwords.
- Don’t lose or forget your master password.
In addition to creating passwords that aren’t terrible, consider requiring two-factor authentication for all users who log in.
4. Conduct thorough audits.
You made a list of your vulnerabilities and checked over it several times to make sure you’d fixed any problems that arose—didn’t you? It’s easy to lose sight of where you’re at risk for exposure if you’re not even aware of the problem. This New Year, analyze your IT infrastructure and security protocols to see where cybercriminals could strike. View your systems through the eyes of a hacker and look at ways they would take advantage of any problem areas.
It seems like a daunting task, we know. Luckily, we can help.
5. Mind what you post.
We understand how many people feel obligated to share every detail of their lives to social media. Services like Facebook and Instagram provide incredible opportunities to connect with our friends and family, or to live vicariously through influencers and create vacation goals. Just like any other corner of the internet, however, social media is rife with cybercriminals. Through social engineering tactics, cybercriminals will try to trick users into handing over their sensitive information—such as passwords—in order to gain access to personal info such as credit card information. Learn to recognize fake profiles; if you’re already friends with someone and start getting requests from that same person, let that person know and report the imposter immediately.
Still, some information doesn’t even need to be tricked out of people. Information like trip details (where you’re going, how long you’ll be gone, etc.) give cybercriminals—and for that matter, burglars—the knowledge that your home or office will be empty, and how long you’ll be gone. If you must share a photo of that beach in Cabo, do it when you get back.
6. Use highest current security protocols.
As the internet has become more sophisticated in collecting user information, calls for privacy and security have become more prevalent. Secure websites, which are denoted with HTTPS in the URL, are becoming more and more the norm. If you’re collecting any sort of user information, even anything as benign as email addresses, this should be standard practice for your business.
But it’s not enough to just have a secure website. Make sure you’re using the highest current security protocols. While you may have previously received an SSL certificate for your site, you should now replace it with a TLS certificate. Show your commitment to customer privacy by staying on top of the latest innovations in online security.
What are some of your cybersecurity resolutions? Let us know in the comments!