Skip to content
- Never leave workstations unattended. Always log off or lock your device. Consider setting up auto-lock after a period of inactivity.
- Cyber-security is a team sport. You are only as good as your weakest player. Build Cyber-awareness in your team to prevent phishing and other social-engineering attacks.
- Keep your software up to date. Turn on auto-updates when possible or check for updates regularly. Using the most recent patch ensures you are protected from known vulnerabilities.
- Practice good password hygiene. Just like colds can be prevented by washing your hands, cyber-attacks can be prevented with good password management. Do not reuse passwords across systems, particularly for sensitive systems such as servers and databases.
- Passwords should be changed regularly, and systems put in place to prevent password reuse. Consider utilizing a password manager.
- Implement and enforce two-factor authentication (2FA) for VPN, Email, Active Directory, and any other program that is vital to your technology infrastructure.
- Backup your data regularly. Accidents happen. Your data may be lost due to a hacker, hardware failure, or human error. Make sure you can recover your critical data quickly to keep your business running.
- Ensure Data destruction. Plan for when your data is obsolete, or the hardware it is stored on is replaced. Criminals will purchase refurbished devices hoping to recover your data. Do not let them succeed. Ensure your data is irrecoverably restored from all devices.
- Did you know printers and copiers have data storage devices? Would you want criminals to have access to your printed files? Ensure proper destruction of data storage when disposing of your printers and copiers.
- Many hackers gain entry through downloaded software. Ensure your employees know what they can and can’t install on their devices.
- Prepare, prepare, prepare. No one wants to be the victim of a cyber-attack, but failing to prepare for one, is preparing to fail. Build cyber-resiliency into your organization and come up with a plan to continue operations, recover systems, and remediate weaknesses.
- Control mobile devices. Ensure your mobile devices such as phones and laptops are secure in the event of loss or theft. Encrypt your device when possible, preventing criminals from accessing your data. Always ensure your devices require a password to unlock and practice good password hygiene.