From 2018 to 2019 the number of cyber-attacks doubled and was predicted to double every year going forward. But by April 2020 the number of attacks already doubled in 2019. Why? Today's modern workplace is about mobility. While some companies were already mobile prior to this year, the COVID-19 pandemic stretched every organization to take it up a notch. In the rush to do so to keep business running, the security posture of several companies was weakened. This opened up more vulnerabilities for bad actors to exploit. Here are five cybersecurity checks to ensure you're on track.
1) Turn on two-factor authentication to access your company's network and all web portals. For example, sites like web applications, Office 365, Salesforce, HubSpot, LinkedIn, and more. This ensures that any website you log into will prompt you to enter a second credential, often a code sent to your smartphone in order to access the site. That way bad actors need more than your password to access any information.
2) Enforce a complex password policy: New guidelines no longer preach frequent change but instead a 19+ character including upper case, lower case, numbers and special characters. The length of time it takes to crack a password grows exponentially with each character added. 9 characters can be cracked in 2 minutes, 10 characters in 2 hours, 11 characters in 6 days and so on.
3) Limit who can discover your personal information online. Do a search online for your firstname+lastname+company to see where your personal information appears, especially your email. Request removal of it from the sites you find. Look at your social media accounts like LinkedIn. Either remove your email address or limit who can see your personal info to 2nd degree connections or less.
4) Remove users' local admin rights on their computers. By removing local admin rights, the risks from clicking on bad links in websites or emails are reduced because the corresponding action of downloading and executing a malicious payload is less likely to be successful.
5) Isolate your backups and backup appliance from your network. When a cyber-attack happens it is designed to run across the entire network in your business. Ransomware for example is trying to encrypt as many devices and data as possible, this includes your backups. By preventing your network from accessing your backups and backup appliance you protect yourself, in the event of an attack because you still have secured data to restore.
Securing your future in the modern workplace will take more than the same old reactive IT support. Getting and staying cyber-secure takes proactive audit and alignment to best practices and real strategic IT guidance and direction. At Thriveon we provide a truly proactive IT service that brings our clients into alignment to best practices and strategically guides their entire technology spend which eliminates issues before they start and allows their business to do more with less.