1. Enable multi-factor authentication
90 percent of data obtained through phishing scams are user credentials, and between 80-90 percent of passwords can be hacked in under 24 hours. Multi-factor authentication (MFA) makes a user enter two or more independent credentials before granting access. Typically, credentials are:
- Something the user knows (password or PIN)
- Something the user has (phone or card)
- Something the user is (face and fingerprint)
2. Strengthen your passwords
Mnemonic passwords are far more secure than your typical password. First, you start with a memorable phrase that has between 8-32 characters, upper and lower case letters, and at least one number. After selecting a phrase, make it weird by replacing ‘a’ with ‘@’, or ‘s’ with ‘$’ for example. If you wish to use it as your master password, instead of copying, customise. For your CRM login, simply put ‘CRM’ at the end of the master phrase. Alternatively, there are a number of password manager tools available which require you to remember one just password, while it generates individual passwords for each account.
3. Leverage Antimalware software
Antimalware software are programs designed to prevent, search for, detect, and remove software viruses. If your devices are running Windows 10 then Windows Defender Antivirus is working for you. BUT, be sure to check in Windows Defender Security Centre that the program is actively enabled because this isn’t always the case. For an added layer of security, HP Sure Run works to ensure all your PCs critical processes remain enabled. If they stop, HP Sure Run automatically reactivates them.
4. Maintain up to date software
The threat landscape is an ever-evolving beast. If your software isn’t up to date, there’s a good chance you’re missing critical security patches for recently discovered threats. And this goes for everything from the operating system right down to your web browser and office applications. To keep your software up to date, verify in your OS that automatic updates are enabled, or use an update manager such as HP Support Assistant to notify you when an update is necessary. Just remember, the older your software, the less reliable and secure it is.
5. Secure your browser
Browsers are the number one tool we use to access the internet, so naturally, they’re the number one target for potential hackers. To keep your browser as secure as possible, there’s four steps you can follow:
- Use a trusted browser such as Explorer, Chrome or Edge.
- Keep it up to date by enabling automatic updates.
- Listen to the pop-up displays and heed the warnings.
6. Secure your network
In a recent report by HP, routers were shown to be the most frequently exploited type of device for Internet of Things (IoT) attacks. Connected to everything else in your network, it’s imperative to secure your network. Here are four ways in which you can do that.
- Password required, there is never a reasonable situation in which a user shouldn’t have to enter an administrator password to access the network.
- Configure encryption – with WEP, WPA, WPA2, WPA3 (weakest to strongest), always select the highest encryption standard possible.
- Maintain up to date firmware.
- Leverage Virtual Private Networks (VPN)
7. Maintain vigilance on public Wi-Fi
Wireless connectivity is everywhere, from airports and cafés to entire cities. It’s overly convenient, but also incredibly dangerous. To protect yourself as best as possible, follow these three rules:
- Limit the context of your activity – try not to access sensitive information like business-critical files, bank details, and passwords.
- Limit your activity to encrypted sites. So, HTTPS (https://) sites as opposed to the unsecured, plain text HTTP.
- As mentioned in number 6, route everything through a VPN.
8. Prevent visual hacking
It may sound trivial, but don’t underestimate it. Visual hacking occurs when sensitive information is on display in a public place either a business competitor or identity thief sees it, then captures it, and exploits it. It’s important to be aware of your surroundings, and when in public places limit your exposure as much as possible. For added security, HP Sure View Gen2 is an integrated privacy screen specifically designed to prevent visual hacking.
9. Encrypt your data
Lost and stolen devices are a top 5 cause for loss of business-critical data. When a device is stolen the first thing that’s attacked is the hard drive. With encryption, even if a devices hard drive falls into the wrong hands, the information on it is unintelligible without the secret decryption key. Windows 10 and other encryption tools BitLocker make it easy to encrypt your valuable data. Talk to a CodeBlue expert for a run-down of how to best leverage these tools.
10. Protect below the operating system (OS)
Beneath a PCs operating system lies the Basic Input Output Software (BIOS), which is responsible for booting up a computer and helping to load the OS. If a hacker was to gain access to your BIOS, the computer is essentially theirs. To keep it as secure as possible, consider the following:
- (Again) Keep it up to date at all times
- Set a BIOS password to avoid settings being unnecessarily changed
- Set a power-on password – password access required before the system runs anything.