SPRING IS COMING !!! 5 Cyber Spring-Cleaning Tips

If you haven’t gotten around to giving your network a good spring cleaning yet, now it’s a great time to do so.

5 tips to improve your security:

 

1.    Review third-party access and policies:Network admins and IT workers should have a formal system in place for reviewing and removing access and credentials they have issued to contractors and third parties, but somehow a few of these always slip through the cracks. Make a point, at least once a year, to review which contractors and third-party services have access to your network or VPN, remove ones that are no longer active, and ensure the existing ones are entirely locked down.

2.    Take inventory of network upgrades:Look at how your network has changed and assess if your current security hardware and software is still adequate. As employees bring in more IoT devices, your network has to be prepared to secure your assets also outside your network. Make sure your network isn’t outgrowing its security controls.

3.    Test a new phishing baseline: every company should be conducting regular phishing training for all employees. Most cyber-attacks start from human risk(phishing). So, it is essential to train your employees on how to avoid and identify phishing messages. You should ask yourself, are my employees able to detect the latest spear-phishing threats? Will they be able to identify a fake bank log-in page if they see one? Does your training tool give immediate feedback when users click a malicious link? Keep your employees well-trained, and they will be your greatest security asset.

4.    Catch up on Irregular patching: Make sure you have the latest system updates in a way to keep up with the changes. Check, the firmware updates on all hardware devices and bring them up to date, and consider a plan to replace any dangerously old servers hanging around.

5.    Change passwords and consider MFA: How many times have you used the same password for a different log-in? I guess almost everyone is guilty on this. Imagine if a cybercriminal gets your Facebook password… moreover, because you re-use your Passwords, he/she can access your bank account, Gmail and any other log-in that you have used the same password. Not COOL!  This year, encourage employees to use password managers and multi-factor authentication tools. Password managers make it easy to change passwords, and often have a feature that will automatically change all of a user’s passwords at once. Also, if your organization doesn’t have a company-wide multi-factor authentication solution in place, consider investing in one. The number of data breaches caused by stolen or simple passwords continues to grow and adding MFA is one of the best ways to significantly reduce the risk of these breaches. Multi-factor authentication is an authentication method in which a computer user is granted access only after successfully presenting two or more pieces of evidence to an authentication mechanism: knowledge, possession, and inherence.

 

With the implementation of these good practices, you can be sure that your assets will have a much more active security layer. If you got any questions on how to implement these steps on your environment, get in touch with  US, we are more then happy to guide you and help.

Have a great long  weekend

 


Gabriel Mallmann