Many people think cyber criminals target mainly enterprise companies and government institutions, but that isn’t the case. In fact, small and medium size businesses are often the favorite target of cyber criminals. And although not all cyber risk can be mitigated purely by training and awareness, it’s an important piece to the puzzle. Unknowingly responding to malicious emails or falling victim to other types of malware can have grave consequences. As an employee, you can have a big impact — either positive or negative — on your organization’s security. Here are several cybersecurity tips to keep in mind to protect yourself and your organization.
1. BE ALERT.
Use common sense and think twice before clinking links, opening attachments, visiting websites, or responding to emails or phone calls. Many cyberattacks can be prevented if you take a moment to consider the circumstances and potential consequences.
2. IDENTIFY PHISHING ATTEMPTS.
Be wary of emails or calls that require “immediate action” or ask for banking or personal information. Take a close look at links to make sure they point to a reputable site before clicking, and never respond to messages asking for your username and password.
3. USE TWO FACTOR AUTHENTICATION.
Add this protection to any sites or apps when available, not only work related, but for your personal email and social media accounts too. This extra layer of security requires you to identify yourself twice, and can protect you from having an account hacked or even something like a paycheck redirected.
4. CREATE STRONG PASSWORDS.
Make a lengthy password using a combination of uppercase and lowercase letters, numbers, and characters. Don’t reuse passwords. Consider using a password generator and a password manager, such as LastPass (which can serve both purposes).
5. LOCK YOUR DEVICES.
Never leave your devices unattended. Ensure your phone and tablets have passcodes and that your computer screen locks when you step away. This is especially important on a personal device, where you cannot rely on IT policies to auto-implement security rules such as screen locking time.
6. UPDATE YOUR BROWSER.
New viruses and malware are created all the time, so it’s important to update your browser regularly, or even better, configure it for auto-updates. This is especially important on a personal device, where you cannot rely on IT policies to manage updates for you.
7. STAY UP TO DATE WITH SOFTWARE.
To help prevent attackers from taking advantage of vulnerabilities on your smart devices, update phones, tablets, TVs, speakers, thermostats, etc. with the latest software available. If an auto-update feature is available, enable it. These devices can potentially be a source of infection just like any other computer.
8. LIMIT ACTIVITES ON PUBLIC WI-FI.
Always connect to a secure network when you can. If you must use a public network such as at a coffee shop or restaurant, make sure it is reputable. Don’t access sensitive information when connected, whether it’s for personal or business. Consider utilizing a dedicated hotspot on your cell phone if you’re traveling.
9. DON’T USE TEXT-BASED APPS TO STORE IMPORTANT INFO.
Do not use word documents, excel documents, Apple notes app, or any other text-based application to store work or personal passwords, or other types of information such as banking info, account IDs, or your social security number. Use credible password or data managers to encrypt and secure your business and personal information.
10. REPORT ANYTHING SUSPCIOUS.
Last but not least, if you notice something suspicious, whether it be an email or text or if you accidentally click a phishing link, alert Whizkids Security Team right away, by calling in to 612-454-0401. Alternatively you can email us at support@Whizkids.tech and your ticket will be routed to our security team. This will help ensure that the incident is handled quickly and any damage contained.Learn how to report suspicious or phishing emails to us here.
Cybersecurity impacts us all. In the modern workforce it is up to both employers and employees to remain educated on cybersecurity best practices to protect ourselves and our companies from malicious attacks.