It's Cybersecurity Awareness Month ~ Are you Cyber-Smart?
Posted on October 19, 2022
It's Cybersecurity Awareness Month
Take the time to review your digital routines to stay vigilant and protected online. Do your part, be cyber-smart. Review this cybersecurity checklist:
☑ Basic Security ~ a unique password for every account
Defend against hackers who try to break in using the same username and password combinations.
Password tips & tricks →
- Always use a unique password for each account you create. The danger with reusing passwords is that as soon as one site has a security issue, it‘s very easy for hackers to try the same username and password combination on other websites.
- Don’t use any personally identifiable information in your passwords. Names, birthdays, and street addresses may be easy to remember but they’re also easily found online and should always be avoided in passwords to ensure the greatest strength.
- Make sure your passwords are at least 12 characters long and contain letters, numbers, and special characters. Some people prefer to generate passwords which are 14, 24 or even more characters in length.
- If you’re creating a master password that you’ll need to remember, try using phrases or lyrics from your favorite movie or song. Just add random characters, but don't replace them in easy patterns.
- Use a password manager to save your passwords. It will keep your information protected from attacks or snooping.
- Avoid weak, commonly used passwords like asd123, password1, or Temp!. Some examples of a strong password include: S&2x4S12nLS1*, JANa@sx3l2&s$, 49915w5$oYmH.
- Avoid using personal information for your security questions, instead, use a password manager to generate another “password" and store it as the answer to these questions. The reason? Some of this information, like the name of the street you grew up on or your mother’s maiden name, is easily found by hackers and can be used in a brute-force attack to gain access to your accounts.
- Avoid using similar passwords that change only a single word or character. This practice weakens your account security across multiple sites.
- Change your passwords when you have reason to , such as after you've shared them with someone, after a website has had a breach, or if it's been over a year since you last rotated it.
- You should never share your passwords via email or text message. The secure way to share is with a password manager that gives you the ability to share a hidden password and even revoke access when the time comes.
Why you need a built-in password generator
Simplify your digital life with a strong password generator that’s built into your browser or an app on your phone. Password managers can create secure passwords right as you sign up – and then remember them all for you.
☑ Basic Security ~ I backed it up!
Data can be wiped out in many ways. Maybe your computer gets wet or a software update goes bad. A device can be lost in a fire or natural disaster. A virus could steal all your data or destroy your machine. A bad actor might target you with ransomware, which is when they hold the data on a device hostage unless you pay a fee.
The three best ways to back up your files?
- External hard drive. Backing up to an external hard drive, or even a USB flash drive, is the most traditional of all backup methods.
- Disk image. Creating a disk image is a great way to back up not only your files and folders, but also everything else on your computer.
- Cloud backup. Utilizing a cloud backup service is your best bet to ensure that your important data will remain safe and secure in the event of a virus. By storing your data off-site, with a trusted cloud backup provider, you can simply restore your system and retrieve your untampered files from the cloud.
☑ Basic Security ~ I vaccinated my computer!
What is antivirus in cyber security?
An antivirus product is a program designed to detect and remove viruses and other kinds of malicious software from your computer or laptop.
Antivirus software keeps running as a background process. Furthermore, it keeps scanning the device or and servers for any malware threat. It performs the functions as follows:
- Scans the specific files and directories for malware patterns which can indicate any malware.
- Allows the users to schedule scans according to them. Moreover, it then performs the scan at the scheduled time.
- Users can also scan the system anytime they want.
- If it detects any malicious software it removes it from the system. Furthermore, some software does this itself in the background. On the other hand, some software asks permission or inform the user before removing them.
- You must play your part in keeping viruses out by keeping your antivirus software running and up to date.
☑ Advanced Security ~ I have MFA turned on
Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN. MFA is a core component of a strong identity and access management policy.
Three Main Types of MFA Authentication Methods
Most MFA authentication methodology is based on one of three types of additional information:
- Things you know (knowledge), such as a password or PIN
- Things you have (possession), such as a badge or smartphone
- Things you are (inherence), such as a biometric like fingerprints or voice recognition
Examples of Multi-Factor Authentication include using a combination of these elements to authenticate:
- Answers to personal security questions
- OTPs (Can be both Knowledge and Possession - You know the OTP and you have to have something in your Possession to get it like your phone)
- OTPs generated by smartphone apps
- OTPs sent via text or email
- Access badges, USB devices, Smart Cards or fobs or security keys
- Software tokens and certificates
- Fingerprints, facial recognition, voice, retina or iris scanning or other Biometrics
- Behavioral analysis
Many web sites, apps and programs offer to help users setup MFA to protect your access to their offerings. It is wise to set up MFA when it is available.